URL: http://tuihoctaichinh.com/
Submission: On March 09 via api from US — Scanned from DE

Summary

This website contacted 30 IPs in 6 countries across 26 domains to perform 84 HTTP transactions. The main IP is 198.20.70.139, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is tuihoctaichinh.com.
This is the only time tuihoctaichinh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Redirects | IP Address | AS Autonomous System |
|---|---|---|---|
| 23 | | 198.20.70.139 | 32475 (SINGLEHOP...) |
| 2 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 6 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | | 2a04:4e42::485 | 54113 (FASTLY) |
| 2 | | 192.0.76.3 | 2635 (AUTOMATTIC) |
| 1 | | 136.243.63.184 | 24940 (HETZNER-AS) |
| 9 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 4 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 2 | | 2a03:2880:f01... | 32934 (FACEBOOK) |
| 2 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 2 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 4 | 2 | 2a03:2880:f17... | 32934 (FACEBOOK) |
| 3 | | 185.29.134.245 | 30419 (MEDIAMATH...) |
| 2 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 4 | | 138.201.84.245 | 24940 (HETZNER-AS) |
| 1 | | 2.18.233.201 | 16625 (AKAMAI-AS) |
| 4 | | 138.201.135.164 | 24940 (HETZNER-AS) |
| 2 | 2 | 145.239.193.130 | 16276 (OVH) |
| 1 | | 88.198.250.30 | 24940 (HETZNER-AS) |
| 1 | | 2a0b:4d07:2::3 | 44239 (PROINITY ...) |
| 2 | 1 | 2a01:4f8:d0a:... | 24940 (HETZNER-AS) |
| 1 | | 49.12.22.42 | 24940 (HETZNER-AS) |
| 1 | | 52.56.125.139 | 16509 (AMAZON-02) |
| 2 | 1 | 142.250.186.70 | 15169 (GOOGLE) |
| 1 | 1 | 94.23.99.218 | 16276 (OVH) |
| 1 | | 54.76.176.197 | 16509 (AMAZON-02) |
| 1 | | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | | 18.66.147.52 | 16509 (AMAZON-02) |
| 1 | | 99.86.4.94 | 16509 (AMAZON-02) |
| 2 | | 13.41.33.70 | 16509 (AMAZON-02) |

Total: 84 requests, 30 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 23 | tuihoctaichinh.com | tuihoctaichinh.com | 346 KB |
| 9 | gstatic.com | fonts.gstatic.com | 123 KB |
| 8 | redintelligence.net | hal9000.redintelligence.net (Cisco Umbrella Rank: 32554); hal900015.redintelligence.net (Cisco Umbrella Rank: 283348) | 53 KB |
| 8 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 101); tpc.googlesyndication.com (Cisco Umbrella Rank: 136) | 238 KB |
| 6 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 28); 5994599.fls.doubleclick.net (Cisco Umbrella Rank: 137377) | 22 KB |
| 4 | mathtag.com | tags.mathtag.com (Cisco Umbrella Rank: 4326); pixel.mathtag.com (Cisco Umbrella Rank: 982) | 3 KB |
| 4 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 108) | 2 KB |
| 3 | webgains.io | analytics.webgains.io (Cisco Umbrella Rank: 18377); api.webgains.io (Cisco Umbrella Rank: 46446) | 32 KB |
| 3 | medialead.de | pv.medialead.de (Cisco Umbrella Rank: 44493); medialead.de (Cisco Umbrella Rank: 44071) | 1 KB |
| 2 | retailads.net | cdn.retailads.net (Cisco Umbrella Rank: 99925) | 6 KB |
| 2 | google.com | adservice.google.com (Cisco Umbrella Rank: 65) | 718 B |
| 2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 145) | 89 KB |
| 2 | wp.com | stats.wp.com (Cisco Umbrella Rank: 2681); pixel.wp.com (Cisco Umbrella Rank: 2515) | 3 KB |
| 2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 2 KB |
| 1 | webgains.team | cdn.track.production.webgains.team (Cisco Umbrella Rank: 43325) | 438 B |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 41) | 41 KB |
| 1 | ad-server.eu | ad-server.eu (Cisco Umbrella Rank: 92567) | 312 B |
| 1 | webgains.com | track.webgains.com (Cisco Umbrella Rank: 36504) | 2 KB |
| 1 | futalis.de | futalis.de (Cisco Umbrella Rank: 144638) | 401 B |
| 1 | office-partner.de | adv.office-partner.de (Cisco Umbrella Rank: 111395) | 931 B |
| 1 | media01.eu | pb.media01.eu (Cisco Umbrella Rank: 44068) | 629 B |
| 1 | googletagservices.com | www.googletagservices.com (Cisco Umbrella Rank: 186) | 49 KB |
| 1 | google.de | adservice.google.de (Cisco Umbrella Rank: 8682) | 531 B |
| 1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 863) | 609 B |
| 1 | oneall.com | tuihoctaichinh.api.oneall.com | 13 KB |
| 1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 337) | 258 KB |

Total: 84 requests, 26 domains

| Requests | Domain | Redirects | Requested by |
|---|---|---|---|
| 23 | tuihoctaichinh.com | | tuihoctaichinh.com |
| 9 | fonts.gstatic.com | | fonts.googleapis.com |
| 6 | pagead2.googlesyndication.com | | tuihoctaichinh.com; pagead2.googlesyndication.com |
| 4 | hal900015.redintelligence.net | | hal9000.redintelligence.net; hal900015.redintelligence.net |
| 4 | hal9000.redintelligence.net | | tuihoctaichinh.com; hal900015.redintelligence.net |
| 4 | www.facebook.com | 2 | connect.facebook.net |
| 4 | googleads.g.doubleclick.net | | pagead2.googlesyndication.com; googleads.g.doubleclick.net |
| 3 | tags.mathtag.com | | googleads.g.doubleclick.net; tags.mathtag.com |
| 2 | api.webgains.io | | analytics.webgains.io |
| 2 | 5994599.fls.doubleclick.net | 1 | tuihoctaichinh.com |
| 2 | cdn.retailads.net | 1 | futalis.de |
| 2 | pv.medialead.de | 2 | |
| 2 | tpc.googlesyndication.com | | googleads.g.doubleclick.net; pagead2.googlesyndication.com |
| 2 | adservice.google.com | | pagead2.googlesyndication.com; 5994599.fls.doubleclick.net |
| 2 | connect.facebook.net | | tuihoctaichinh.com; connect.facebook.net |
| 2 | fonts.googleapis.com | | tuihoctaichinh.com; hal900015.redintelligence.net |
| 1 | cdn.track.production.webgains.team | | googleads.g.doubleclick.net |
| 1 | analytics.webgains.io | | track.webgains.com |
| 1 | www.googletagmanager.com | | adv.office-partner.de |
| 1 | ad-server.eu | | googleads.g.doubleclick.net |
| 1 | medialead.de | 1 | |
| 1 | track.webgains.com | | tuihoctaichinh.com |
| 1 | futalis.de | | hal900015.redintelligence.net |
| 1 | adv.office-partner.de | | hal900015.redintelligence.net |
| 1 | pb.media01.eu | | hal900015.redintelligence.net |
| 1 | pixel.mathtag.com | | tags.mathtag.com |
| 1 | www.googletagservices.com | | googleads.g.doubleclick.net |
| 1 | adservice.google.de | | pagead2.googlesyndication.com |
| 1 | partner.googleadservices.com | | pagead2.googlesyndication.com |
| 1 | pixel.wp.com | | tuihoctaichinh.com |
| 1 | tuihoctaichinh.api.oneall.com | | tuihoctaichinh.com |
| 1 | stats.wp.com | | tuihoctaichinh.com |
| 1 | cdn.jsdelivr.net | | tuihoctaichinh.com |

Total: 84 requests, 33 subdomains

This site contains links to these domains:

  • www.facebook.com
  • bit.ly
  • wordpress.org

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.g.doubleclick.net | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| *.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-17 | 2 months |
| *.googleadservices.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| *.google.de | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| *.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| *.mathtag.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-18 - 2023-04-25 | a year |
| tpc.googlesyndication.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| redintelligence.net | R3 | 2023-02-08 - 2023-05-09 | 3 months |
| pixel.mathtag.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-05 - 2023-07-05 | a year |
| *.media01.eu | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-05-20 - 2023-05-21 | a year |
| adv.office-partner.de | R3 | 2023-03-02 - 2023-05-31 | 3 months |
| *.futalis.de | R3 | 2023-02-16 - 2023-05-17 | 3 months |
| *.webgains.com | Amazon RSA 2048 M01 | 2023-02-22 - 2023-07-13 | 5 months |
| *.doubleclick.net | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| cdn.retailads.net | Encryption Everywhere DV TLS CA - G1 | 2022-06-17 - 2023-06-18 | a year |
| *.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months |
| *.webgains.io | Amazon RSA 2048 M02 | 2023-03-02 - 2023-09-21 | 7 months |
| cdn.track.production.webgains.team | Amazon RSA 2048 M01 | 2023-02-28 - 2023-10-28 | 8 months |

This page contains 11 frames:

Primary Page: http://tuihoctaichinh.com/
Frame ID: 61B5D447652C73BB0DDB053B560BD74E
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230307/r20190131/zrt_lookup.html
Frame ID: F34456B127BDCB95BE1B23FFFC28CFA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&adk=1812271804&adf=3025194257&lmt=1678393220&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Ftuihoctaichinh.com%2F&ea=0&pra=5&wgl=1&dt=1678393220421&bpp=5&bdt=906&idt=196&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=883741237089&frm=20&pv=2&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: B0B21C8EA4AEB0110D2CB63DDAD2636D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Frame ID: 1670613AD9C3CC92E3B09BE31A920D51
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302d8a9b1b384c%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D215%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
Frame ID: 50E8B2F792A846A7EA227B9C5CF229F1
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60870300195724000951393012258015&actionid=981741&produktid=&dt_url=
Frame ID: 55E296941F4A8663F4CD1B8F2CE408B0
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 08C420E922157F87AE7BE355EF327D42
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2391955529
Frame ID: 5F156C9288BA638E182F1D19E14BE637
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488
Frame ID: DA826F0AA958A11D903FBB1B12E70753
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Frame ID: 556608EF780DA4CC17A68013D4EEB487
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1835482928fd48%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D0%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
Frame ID: B38E27F087AA9DFD4AA799BF5855C091
Requests: 1 HTTP requests in this frame

Page Title

Tui học Tài Chính

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

  • 84 Requests
  • 55 % HTTPS
  • 45 % IPv6
  • 26 Domains
  • 33 Subdomains
  • 30 IPs
  • 6 Countries
  • 1284 kB Transfer
  • 3647 kB Size
  • 9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js?ver=5.6.10 HTTP 307
  • https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js?ver=5.6.10
Request Chain 37
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 46
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df302d8a9b1b384c%26domain%3Dtuihoctaichinh.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252Ff3500e6b727660c%26relation%3Dparent.parent&container_width=215&height=455&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Ftuihoctaichinh&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=341 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302d8a9b1b384c%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D215%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
Request Chain 58
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=60870300195724000951393012258015&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60870300195724000951393012258015&actionid=981741&produktid=&dt_url=
Request Chain 60
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=60870300195724000951393012258015&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2391955529
Request Chain 62
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488
Request Chain 64
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60870300195724000951393012258015 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60870300195724000951393012258015 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 79
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1835482928fd48%26domain%3Dtuihoctaichinh.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252Ff3500e6b727660c%26relation%3Dparent.parent&container_width=0&height=455&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Ftuihoctaichinh&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=false&width=341 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1835482928fd48%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D0%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341

84 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

Resource: Primary Request /
Path: tuihoctaichinh.com/
Size: 26 KB
x-fer: 8 KB
Type: Document
General
  • Full URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: 24826653ceff31e5f87fe497b95655e247131b8ff9fb58160b090bd18ad63c24
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: style.min.css
Path: tuihoctaichinh.com/wp-includes/css/dist/block-library/
Size: 50 KB
x-fer: 10 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.10
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: styles.css
Path: tuihoctaichinh.com/wp-content/plugins/contact-form-7/includes/css/
Size: 3 KB
x-fer: 1 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: all.min.css
Path: tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/css/
Size: 58 KB
x-fer: 14 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.3
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: v4-shims.min.css
Path: tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/css/
Size: 26 KB
x-fer: 5 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/css/v4-shims.min.css?ver=2.4.2.3
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: bootstrap.css
Path: tuihoctaichinh.com/wp-content/themes/nisarg/css/
Size: 144 KB
x-fer: 28 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/themes/nisarg/css/bootstrap.css?ver=5.6.10
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: style.css
Path: tuihoctaichinh.com/wp-content/themes/nisarg/
Size: 34 KB
x-fer: 9 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/themes/nisarg/style.css?ver=5.6.10
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: f3aa1e85d3226abb38f698ad6c5d7a64c52dacdb4bbd14191c079b63d960780b
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: css
Path: fonts.googleapis.com/
Size: 6 KB
x-fer: 1 KB
Type: Stylesheet
General
  • Full URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 2a00:1450:4001:813::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  • Reverse DNS: (empty)
  • Software: ESF
  • Resource Hash: e5c45502246d6e8e56522a924bddc63ab4cc096c6de0bdadf6577a3aa83a981c
Security Headers
  • X-Content-Type-Options: nosniff
  • X-Frame-Options: SAMEORIGIN
  • X-Xss-Protection: 0

Resource: social-logos.min.css
Path: tuihoctaichinh.com/wp-content/plugins/jetpack/_inc/social-logos/
Size: 12 KB
x-fer: 8 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=9.8.1
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: jetpack.css
Path: tuihoctaichinh.com/wp-content/plugins/jetpack/css/
Size: 72 KB
x-fer: 17 KB
Type: Stylesheet
General
  • Full URL: http://tuihoctaichinh.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.8.1
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: a63e79b5a97bf477e7d6ad34b4f8be2e4e8c7f3162f7d58b156ff0557f65c312
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: jquery.min.js
Path: tuihoctaichinh.com/wp-includes/js/jquery/
Size: 87 KB
x-fer: 34 KB
Type: Script
General
  • Full URL: http://tuihoctaichinh.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
  • Strict-Transport-Security: max-age=31536000

Resource: jquery-migrate.min.js
Path: tuihoctaichinh.com/wp-includes/js/jquery/
Size: 11 KB
x-fer: 5 KB
Type: Script
General
  • Full URL: http://tuihoctaichinh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
  • Requested by: Host: tuihoctaichinh.com, URL: http://tuihoctaichinh.com/
  • Protocol: HTTP/1.1
  • Server: 198.20.70.139, United States, ASN32475 (SINGLEHOP-LLC, US)
  • Reverse DNS: phx26.stablehost.com
  • Software: LiteSpeed
  • Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
  • Strict-Transport-Security: max-age=31536000

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e73587bbf59841d943e4ec02df1f5b6c1f81936d1adbfe0c4512bd1923eab79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48527
x-xss-protection
0
server
cafe
etag
15389425324783234742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Mar 2023 20:20:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
51 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855ac45f95c382118c14bb4ec914ba225c6259a710cc99e8835ee1c281726e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
51265
X-XSS-Protection
0
Server
cafe
ETag
12691162883013312249
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Thu, 09 Mar 2023 20:20:20 GMT
wp-polyfill.min.js
tuihoctaichinh.com/wp-includes/js/dist/vendor/
97 KB
38 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 09 Jan 2021 04:35:27 GMT
server
LiteSpeed
etag
"183ee-5ff9328f-ce96e6f867d1d5a;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
38233
expires
Thu, 16 Mar 2023 20:20:19 GMT
index.js
tuihoctaichinh.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Jun 2021 15:14:01 GMT
server
LiteSpeed
etag
"34ad-60c8c3b9-46d8b57f30474845;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
4318
expires
Thu, 16 Mar 2023 20:20:19 GMT
scroll-back-to-top.js
tuihoctaichinh.com/wp-content/plugins/scroll-back-to-top/assets/js/
2 KB
1 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/plugins/scroll-back-to-top/assets/js/scroll-back-to-top.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
fe79305175ad9699e4f76c2af9b9e8a5469aa80765af8baeca051c5971d5485a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 20 Jan 2016 11:28:32 GMT
server
LiteSpeed
etag
"9c6-569f6f60-73484df7b71ad133;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
806
expires
Thu, 16 Mar 2023 20:20:20 GMT
tex-chtml.js
cdn.jsdelivr.net/npm/mathjax@3/es5/
Redirect Chain
  • http://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js?ver=5.6.10
  • https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js?ver=5.6.10
1 MB
258 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H2
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a6ded5abbce13331658dd239f34382abd06492c74b71b61e8caa8112ec55fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Mar 2023 20:20:19 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
16541
x-jsd-version
3.2.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
263452
x-served-by
cache-fra-eddf8230028-FRA, cache-hhn-etou8220033-HHN
x-jsd-version-type
version
etag
W/"11b71d-5rrUYYZf7iU87WaawfBgSS+mhY8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-chtml.js?ver=5.6.10
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
bootstrap.js
tuihoctaichinh.com/wp-content/themes/nisarg/js/
67 KB
18 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/themes/nisarg/js/bootstrap.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 17 Feb 2021 01:41:45 GMT
server
LiteSpeed
etag
"10d1a-602c7459-d3c5dd5bf27d6c0;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
17645
expires
Thu, 16 Mar 2023 20:20:20 GMT
navigation.js
tuihoctaichinh.com/wp-content/themes/nisarg/js/
3 KB
2 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/themes/nisarg/js/navigation.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
a6e9a4d24ddc59d459a87d112a1b4aeb825a43beb56041b40a1efe09b5a491ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 17 Feb 2021 01:41:45 GMT
server
LiteSpeed
etag
"c86-602c7459-e8f6c094fa2701d5;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1238
expires
Thu, 16 Mar 2023 20:20:20 GMT
skip-link-focus-fix.js
tuihoctaichinh.com/wp-content/themes/nisarg/js/
751 B
860 B
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/themes/nisarg/js/skip-link-focus-fix.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 17 Feb 2021 01:41:45 GMT
server
LiteSpeed
etag
"2ef-602c7459-565c12ca842b7cf2;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
389
expires
Thu, 16 Mar 2023 20:20:20 GMT
nisarg.js
tuihoctaichinh.com/wp-content/themes/nisarg/js/
2 KB
1 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/themes/nisarg/js/nisarg.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
b73ec855361ff486832406e9f53820cf95319765a68d0e2d94eeb528125939b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 17 Feb 2021 01:41:45 GMT
server
LiteSpeed
etag
"8db-602c7459-7e811f50cd12d861;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
843
expires
Thu, 16 Mar 2023 20:20:20 GMT
facebook-embed.min.js
tuihoctaichinh.com/wp-content/plugins/jetpack/_inc/build/
737 B
931 B
Script
General
Full URL
http://tuihoctaichinh.com/wp-content/plugins/jetpack/_inc/build/facebook-embed.min.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Jun 2021 15:14:08 GMT
server
LiteSpeed
etag
"2e1-60c8c3c0-ed3896be9025b7ff;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
460
expires
Thu, 16 Mar 2023 20:20:20 GMT
wp-embed.min.js
tuihoctaichinh.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-includes/js/wp-embed.min.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 04 Feb 2021 05:04:10 GMT
server
LiteSpeed
etag
"592-601b804a-1c9ba6249bed9746;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
778
expires
Thu, 16 Mar 2023 20:20:20 GMT
e-202310.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202310.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 04 Mar 2024 06:09:12 GMT
wp-emoji-release.min.js
tuihoctaichinh.com/wp-includes/js/
14 KB
6 KB
Script
General
Full URL
http://tuihoctaichinh.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.10
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 04 Feb 2021 05:04:08 GMT
server
LiteSpeed
etag
"3795-601b8048-d5fcf07fa9dcc048;gz"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
5213
expires
Thu, 16 Mar 2023 20:20:20 GMT
library.js
tuihoctaichinh.api.oneall.com/socialize/
45 KB
13 KB
Script
General
Full URL
http://tuihoctaichinh.api.oneall.com/socialize/library.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
xip08.oneall.com
Software
nginx /
Resource Hash
ecd1c682db418a5764046929f37b3a4b72ce66fbf8724ca8cbc238258c13b528

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
private
Date
Thu, 09 Mar 2023 20:20:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jan 2017 06:54:23 GMT
Server
nginx
X-Forwarded-Target
xromeo.oneall.com
Vary
Accept-Encoding
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=14400, private
Connection
keep-alive
Content-Length
12475
X-Cached
MISS
Expires
Fri, 10 Mar 2023 00:20:20 GMT
cropped-THTC-Cover-Template-web-1-2.png
tuihoctaichinh.com/wp-content/uploads/2020/02/
55 KB
55 KB
Image
General
Full URL
http://tuihoctaichinh.com/wp-content/uploads/2020/02/cropped-THTC-Cover-Template-web-1-2.png
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
3cb514c89d63ad35ea09beaa9179bf4af06294de29c83a0c25db800005802314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 05 Feb 2020 14:51:52 GMT
server
LiteSpeed
etag
"db85-5e3ad688-fb83e5c89916219e;;;"
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
56197
expires
Thu, 16 Mar 2023 20:20:20 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 00:30:37 GMT
X-Content-Type-Options
nosniff
Age
71383
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
13036
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:04:42 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 08 Mar 2024 00:30:37 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
http://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 15:33:51 GMT
X-Content-Type-Options
nosniff
Age
17189
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
23040
X-XSS-Protection
0
Last-Modified
Tue, 26 Apr 2022 15:56:42 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 08 Mar 2024 15:33:51 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
http://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 09:42:34 GMT
X-Content-Type-Options
nosniff
Age
556666
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
23580
X-XSS-Protection
0
Last-Modified
Tue, 26 Apr 2022 15:48:56 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 02 Mar 2024 09:42:34 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
12 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 00:48:59 GMT
X-Content-Type-Options
nosniff
Age
70281
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
12580
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:19:48 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 08 Mar 2024 00:48:59 GMT
fa-solid-900.woff2
tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/webfonts/
78 KB
79 KB
Font
General
Full URL
http://tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.3
Protocol
HTTP/1.1
Server
198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
phx26.stablehost.com
Software
LiteSpeed /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://tuihoctaichinh.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.3
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Jun 2021 15:13:55 GMT
server
LiteSpeed
etag
"139ac-60c8c3b3-d43f11bc81573ec3;;;"
content-type
font/woff2
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
80300
S6u9w4BMUTPHh6UVSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v23/
5 KB
6 KB
Font
General
Full URL
http://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 23:09:47 GMT
X-Content-Type-Options
nosniff
Age
594633
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
5368
X-XSS-Protection
0
Last-Modified
Tue, 26 Apr 2022 15:56:40 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 01 Mar 2024 23:09:47 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
12 KB
12 KB
Font
General
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 06:18:34 GMT
X-Content-Type-Options
nosniff
Age
568906
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
11792
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:04:43 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 02 Mar 2024 06:18:34 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
4 KB
5 KB
Font
General
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300italic,700|Source+Sans+Pro:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e0839c2fc964208d157d5582aa3629465196ad2d90b9aee7ba1a480d8ec40a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 12:05:18 GMT
X-Content-Type-Options
nosniff
Age
548102
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
4216
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:04:41 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 02 Mar 2024 12:05:18 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/
360 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6578eae4bc33547c0642559dc9a3a5982079af0ee0b701f9ddd3f5b65f0a91bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121461
x-xss-protection
0
server
cafe
etag
2036159164692411567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Mar 2023 20:20:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230307/r20190131/ Frame F344
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230307/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://tuihoctaichinh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
829
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:06:31 GMT
etag
2378337311435320485
expires
Thu, 23 Mar 2023 20:06:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H2
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
299e5d9e836291994f0dcf042115b5358beee76430b091b9fd0afdbff2a53a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 20:20:20 GMT
content-md5
QETbousBJbPTV0tRM7j21A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
7txqfe+AD+Ie3AOjhzm7pmAYaGQPgKyL4VhIndSyQ/zD1hFp5vrID9o9SDSnb4sM/PbpUb2PNzM+DR7omAdU9g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
7474d77a74df5a801117aa53a7263142
cross-origin-opener-policy
same-origin-allow-popups
etag
"a64e4515e4268e47d99374b5000bc35a"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Mar 2023 20:33:31 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=249643311490&version=v2.3
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
g.gif
pixel.wp.com/
50 B
247 B
Image
General
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=106366283&post=42&tz=7&srv=tuihoctaichinh.com&host=tuihoctaichinh.com&ref=&fcp=3209&rand=0.516050887635038
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 09 Mar 2023 20:20:20 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aedb293580d8467085164b38743e2c34
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82f06272949b7be14419ea7509bb0cadc1c839a59a67ceb609408fc1e2664a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://tuihoctaichinh.com/
Origin
http://tuihoctaichinh.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 20:20:20 GMT
content-md5
S8JlBlGmZnlH9pVwLbLsYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88567
x-fb-rlafr
0
x-fb-debug
CY5rvseL1bNUa1SiRpGwLZDIFKJ4ei3zgyESUbDcfUVMxkpl593X7HUPUxv5f9TNJcKHPob/8tJ+jeIJ6YaFIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3b37e164e621898deb4fc483e91c91d2
cross-origin-opener-policy
same-origin-allow-popups
etag
"0bb5c40aca37a6ee9d73940d2f3c69ee"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Mar 2024 17:38:46 GMT
cookie.js
partner.googleadservices.com/gampad/
403 B
609 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tuihoctaichinh.com&callback=_gfp_s_&client=ca-pub-9785533834415065
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b23d507aa451c77c44196b223b6cb7e621f12b68e1b799373b033a4c6e11ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tuihoctaichinh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tuihoctaichinh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=site-navigation&cls=main-navigation%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Mar 2023 20:20:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B0B2
20 KB
6 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&adk=1812271804&adf=3025194257&lmt=1678393220&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Ftuihoctaichinh.com%2F&ea=0&pra=5&wgl=1&dt=1678393220421&bpp=5&bdt=906&idt=196&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=883741237089&frm=20&pv=2&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=243
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a415772d639fc251a8ce523a4138c49f2ef7e1ec2439fa044be55f2140a07f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://tuihoctaichinh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5856
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:20:20 GMT
expires
Thu, 09 Mar 2023 20:20:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1670
24 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bac140442b32531c721f3fcad11bc3d7ec8c775df6473ea734da5e2715a129a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://tuihoctaichinh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10799
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:20:21 GMT
expires
Thu, 09 Mar 2023 20:20:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/login/ Frame 50E8
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df302d8a9b1b384c%26domain%3Dtuihoct...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302d8a9b1b384c%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D215%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=aedb293580d8467085164b38743e2c34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://tuihoctaichinh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 09 Mar 2023 20:20:20 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
fb34HiEZoISgkHO9J+JvDz6PbDbvF/CEspwTbOfrF22mTs3NcJu97WD44LABfAcVl+y49cuck+mVzukHgvdUtA==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:20:20 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df302d8a9b1b384c%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D215%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
6K0p1xlPoJByC6lavhWnKyS210JJQInzHismk3JGZtXkTadn7CTTR/ULLqBCjVxeeXC76a3codKeOY1iQZ59PA==
x-fb-rlafr
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9785533834415065&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20230305_093442&sat=1678168665225&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.155&alldns=0.155&allp=32&fd=(0%2C8%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1613&abl=false&rr=n&su=tuihoctaichinh.com&pvc=84248036881030&r=0.1&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Mar 2023 20:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
tags.mathtag.com/notify/ Frame 1670
3 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNDE2ODA5MDIyMzYxNTE5MS82NjIyMzI2LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTUwaDlOWm12ejNwb3BKdlU0Y2hyTkVFLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYzNDE2ODA5MDIyMzYxNTE5MS9oa2cvMC81OTMvODgvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzgzOTMyMjAvMTY3ODQxNzIyMC80L3B1Yi05Nzg1NTMzODM0NDE1MDY1Lw/dzLxK4IVq_7aZQdjc9DCCbGfl1c&nodeid=3412&group=hkg&auctionid=634168090223615191&pbs_auctionid=634168090223615191&shardkey=634168090223615191&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%26client%3Dca-pub-9785533834415065%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.381.0 /
Resource Hash
5f264caf42b579e8b581ac3ca57ee9671bf31f505bd014b8d1ebb73d8a8d40ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:21 GMT
x-mm-nodeid
3412
Content-Encoding
gzip
x-mm-bid-request-time
1678393220
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Thu, 09 Mar 2023 20:20:20 GMT
Server
MMBD/3.381.0
x-mm-latency
480 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x29, hkg-bidder-x87
x-mm-lag
1
Expires
Thu, 09 Mar 2023 20:20:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 1670
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:11:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 1670
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:11:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1670
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 20:20:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1670
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C53YThD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTbAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0SZy-YLM0bhgbXelCCLAJx9jmbUfsRKy2LwbLwUvOD-mcwc00cXdIAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05Nzg1NTMzODM0NDE1MDY1GAA&sigh=R2HkwGsUgPo&uach_m=[UACH]&cid=CAQSGwDUE5ymi5t4XfD6Ajq8e65OciSNf6oGWGDSbRgB&tpd=AGWhJmu02RpRGMaPdYifTY0JTp8AVLaODtB-Fp1WOefpxPJHxjvb41XRoL_pybVIMvrZrWicHPIwrmbUA_UFcK1C8SHRiHzlRzBnSJbbLkv7LKXwc1KDt4yaG31g6qkPpIzlpV3UhGQdD-gzpdMuCCzCKctYVxHh10PU3lk_lPBOcJQRAFWp6nv1Ror45IdOvpCON5y-KA1fwit7ydloMklL-eEfTspVmnwd4vPavzuV2VcmnJtXJblSwBtRzp7RwoiFvCVwwndFlDmr-Rt80IjiyY8g2OOhV7abPnMLxDpCdYWXPGN7-_nyEMt7EELB8j57RSXCDbnefO2WjgRa9oBmHpgNImOUVIZL9N9-rzDnoQapylU_oM1ZO_RjE5UWRhZg6aS-UhOKdauxjJ0Syspn1iVgjI-2ElWWKzCT9AyxZyc9nGDGHhox3mNrzTjSQfMtozQ9aeP-gm1pO10uUBBz1Qvpp1GLjfLFFmNfp9IFxWltYtXVoskEOWZRHF6fQQ9znj3LrmJtJ7ZV26YCPkIy38wj0JSoQG5f2iYw5FPnCg3zjZyyHYC-i2KqrOtY_dr7LmXSf-anvPerfJqy_AxUQdWVv0RY13uSGrI7QvK6vICDvMx_uB61YsmK5y6PEr3PJYuxwVMA78ptFVWErUHEfEU9MdoJMKjOhNArGXopVnaNf53v-J6yb5xYRFmLhnL7DJVA5asn3uZ1O-NyCjmjwPs_AtfdFE5vxRmKjl_RV8xzo8p7EQI4FeOMntB2_ic80vc5kbvx6Lfie1o58DVV22qwivvaWyNqdCEHSyXKRs76xFWMKjsUBCJ5nJoZwE0Qle7ftTQCTw7RHzMxS5vECG8b9mfuHLnt6SxaNgTDVkI_JlSbLwDj3EEpnHNWXoA4h4AVdGfsmcZQyGzbsgQUravAQ25FnuZ8MQ5ZUX7i09YOXjiBsy_J1dF_MMMb2Zl2ZLmmVfkEfSW0a-QH2l5EbxRzqfgiPjIUdhJ1nuoWkcnszqe8cj6qk3QVVgpRcOvVZx2aWJyUtxSiwr2heIEPYjnMl_jmYfus6oJKBn9LVTD6NpxS2X7WwdnrXFXLT_6OCz01TMMJkRy8OH3bPncXf1uunPKuhyZqlCf0jxgAsMXQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 09 Mar 2023 20:20:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 09 Mar 2023 20:20:21 GMT
01qrvgnrrbds
hal9000.redintelligence.net/zone/ Frame 1670
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=634168090223615191&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7aff1ab9588cf3717f553a63213fa1a3959f52b1840216c198b16cf3db6c9ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3359
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 1670
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=634168090223615191&node_id=3412&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNDE2ODA5MDIyMzYxNTE5MS82NjIyMzI2LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTUwaDlOWm12ejNwb3BKdlU0Y2hyTkVFLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYzNDE2ODA5MDIyMzYxNTE5MS9oa2cvMC81OTMvODgvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzgzOTMyMjAvMTY3ODQxNzIyMC80L3B1Yi05Nzg1NTMzODM0NDE1MDY1Lw/dzLxK4IVq_7aZQdjc9DCCbGfl1c&nodeid=3412&group=hkg&auctionid=634168090223615191&pbs_auctionid=634168090223615191&shardkey=634168090223615191&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%26client%3Dca-pub-9785533834415065%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.381.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Server
MMBD/3.381.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x42, hkg-bidder-x87
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 09 Mar 2023 20:20:21 GMT
img
pixel.mathtag.com/event/ Frame 1670
43 B
404 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=634168090223615191&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNDE2ODA5MDIyMzYxNTE5MS82NjIyMzI2LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTUwaDlOWm12ejNwb3BKdlU0Y2hyTkVFLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYzNDE2ODA5MDIyMzYxNTE5MS9oa2cvMC81OTMvODgvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzgzOTMyMjAvMTY3ODQxNzIyMC80L3B1Yi05Nzg1NTMzODM0NDE1MDY1Lw/dzLxK4IVq_7aZQdjc9DCCbGfl1c&nodeid=3412&group=hkg&auctionid=634168090223615191&pbs_auctionid=634168090223615191&shardkey=634168090223615191&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%26client%3Dca-pub-9785533834415065%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master cdg-pixel-x12 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Server
MT3 569 46451a0 master cdg-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 09 Mar 2023 20:20:21 GMT
img
tags.mathtag.com/event/ Frame 1670
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=634168090223615191&st=4562306&time=1678393221&nodeid=3412
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVRFNE5UVmxOamN0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNDE2ODA5MDIyMzYxNTE5MS82NjIyMzI2LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTUwaDlOWm12ejNwb3BKdlU0Y2hyTkVFLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYzNDE2ODA5MDIyMzYxNTE5MS9oa2cvMC81OTMvODgvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzgzOTMyMjAvMTY3ODQxNzIyMC80L3B1Yi05Nzg1NTMzODM0NDE1MDY1Lw/dzLxK4IVq_7aZQdjc9DCCbGfl1c&nodeid=3412&group=hkg&auctionid=634168090223615191&pbs_auctionid=634168090223615191&shardkey=634168090223615191&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%26client%3Dca-pub-9785533834415065%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.381.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Server
MMBD/3.381.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x42, hkg-bidder-x87
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 09 Mar 2023 20:20:21 GMT
request.php
hal900015.redintelligence.net/ Frame 1670
4 KB
2 KB
Script
General
Full URL
https://hal900015.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=45bcf12e2b&subid=&uid=aa87908af1f0f728&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9785533834415065%26output%3Dhtml%26h%3D250%26slotname%3D3987083038%26adk%3D1746836503%26adf%3D28996181%26pi%3Dt.ma~as.3987083038%26w%3D300%26lmt%3D1678393220%26format%3D300x250%26url%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252F%26wgl%3D1%26dt%3D1678393220426%26bpp%3D1%26bdt%3D912%26idt%3D245%26shv%3Dr20230307%26mjsv%3Dm202302210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D883741237089%26frm%3D20%26pv%3D1%26ga_vid%3D2087292303.1678393221%26ga_sid%3D1678393221%26ga_hid%3D1631592750%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1132%26ady%3D582%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44777876%252C44774292%26oid%3D2%26pvsid%3D84248036881030%26tmod%3D2093322584%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DXqlIp1w0eL%26p%3Dhttp%253A%2F%2Ftuihoctaichinh.com%26dtd%3D250&ancestorOrigins=null&random=5213400324453&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=634168090223615191&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
926283bfec42a5773520aa1cef2ee934ff09d7d60abd8bd42a384d51cf8d7fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Mar 2023 20:20:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
60870300195724000951393012258015
Connection
close
Content-Length
1303
Expires
Thu, 09 Mar 2023 20:20:22 +0100
view.aspx
pb.media01.eu/ Frame 55E2
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=60870300195724000951393012258015&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60870300195724000951393012258015&actionid=981741&produktid=&dt_url=
0
629 B
Document
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60870300195724000951393012258015&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=45bcf12e2b&subid=&uid=aa87908af1f0f728&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9785533834415065%26output%3Dhtml%26h%3D250%26slotname%3D3987083038%26adk%3D1746836503%26adf%3D28996181%26pi%3Dt.ma~as.3987083038%26w%3D300%26lmt%3D1678393220%26format%3D300x250%26url%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252F%26wgl%3D1%26dt%3D1678393220426%26bpp%3D1%26bdt%3D912%26idt%3D245%26shv%3Dr20230307%26mjsv%3Dm202302210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D883741237089%26frm%3D20%26pv%3D1%26ga_vid%3D2087292303.1678393221%26ga_sid%3D1678393221%26ga_hid%3D1631592750%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1132%26ady%3D582%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44777876%252C44774292%26oid%3D2%26pvsid%3D84248036881030%26tmod%3D2093322584%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DXqlIp1w0eL%26p%3Dhttp%253A%2F%2Ftuihoctaichinh.com%26dtd%3D250&ancestorOrigins=null&random=5213400324453&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 20:20:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 09 Mar 2023 09:20:22 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Thu, 09 Mar 2023 20:20:22 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60870300195724000951393012258015&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
D972DA1C:C34C_91EFC182:01BB_640A3F86_B81C857:2FD2D
/
adv.office-partner.de/ Frame 08C4
930 B
931 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=45bcf12e2b&subid=&uid=aa87908af1f0f728&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9785533834415065%26output%3Dhtml%26h%3D250%26slotname%3D3987083038%26adk%3D1746836503%26adf%3D28996181%26pi%3Dt.ma~as.3987083038%26w%3D300%26lmt%3D1678393220%26format%3D300x250%26url%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252F%26wgl%3D1%26dt%3D1678393220426%26bpp%3D1%26bdt%3D912%26idt%3D245%26shv%3Dr20230307%26mjsv%3Dm202302210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D883741237089%26frm%3D20%26pv%3D1%26ga_vid%3D2087292303.1678393221%26ga_sid%3D1678393221%26ga_hid%3D1631592750%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1132%26ady%3D582%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44777876%252C44774292%26oid%3D2%26pvsid%3D84248036881030%26tmod%3D2093322584%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DXqlIp1w0eL%26p%3Dhttp%253A%2F%2Ftuihoctaichinh.com%26dtd%3D250&ancestorOrigins=null&random=5213400324453&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::3 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 09 Mar 2023 20:20:22 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 16 Mar 2023 20:20:22 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame 5F15
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=60870300195724000951393012258015&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2391955529
350 B
401 B
Document
General
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2391955529
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=45bcf12e2b&subid=&uid=aa87908af1f0f728&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9785533834415065%26output%3Dhtml%26h%3D250%26slotname%3D3987083038%26adk%3D1746836503%26adf%3D28996181%26pi%3Dt.ma~as.3987083038%26w%3D300%26lmt%3D1678393220%26format%3D300x250%26url%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252F%26wgl%3D1%26dt%3D1678393220426%26bpp%3D1%26bdt%3D912%26idt%3D245%26shv%3Dr20230307%26mjsv%3Dm202302210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D883741237089%26frm%3D20%26pv%3D1%26ga_vid%3D2087292303.1678393221%26ga_sid%3D1678393221%26ga_hid%3D163159275
0%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1132%26ady%3D582%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44777876%252C44774292%26oid%3D2%26pvsid%3D84248036881030%26tmod%3D2093322584%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DXqlIp1w0eL%26p%3Dhttp%253A%2F%2Ftuihoctaichinh.com%26dtd%3D250&ancestorOrigins=null&random=5213400324453&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 09 Mar 2023 20:20:22 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2391955529
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame 1670
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=60870300195724000951393012258015&nw=1
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.125.139 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-125-139.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4033f61697c9302dc6ff6002ac44191e261cdf01c6556313d10b0d59cb07645c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:22 GMT
last-modified
Thu, 09 Mar 2023 20:20:22 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 09 Mar 2023 20:21:22 GMT
activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488
5994599.fls.doubleclick.net/ Frame DA82
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488?
391 B
327 B
Document
General
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488?
Requested by
Host: tuihoctaichinh.com
URL: http://tuihoctaichinh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
9f12df6800204c80cc3972091fb6234e743787e17db23b13ba395e9314053229
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:20:22 GMT
expires
Thu, 09 Mar 2023 20:20:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:20:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900015.redintelligence.net/ Frame 5566
7 KB
2 KB
Document
General
Full URL
https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=45bcf12e2b&subid=&uid=aa87908af1f0f728&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DFDPjER8u8_ZLEoOZ0NJhdg%26exch_seat%3D20035004448%26mt_aid%3D634168090223615191%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_cid%3D4c02640a-3f85-4101-bc20-2ff6bf29b41c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCCUzGhD8KZMHBMuiRpt8Pn8y0mA3Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi05Nzg1NTMzODM0NDE1MDY1yAEJqAMBqgTeAU_Q5tFEWl2a2kbt8JuelsHVu9Mc10j8c58ObqQg_aNu3UyrGr3I1ieGBjI8ffdi9-GLftkJz5wjanV9EI6YyBythszpqIRsULj7LNul2QPUcF3b3deIEaKKG1CSaPFV0FIOyDgjRMtoZ5ysfnLki3zNKhz_RexaiY4jAKseMeMS4Eozkq7b7u4Ck7_MuYuVz-DkE2DPAL-3XlIpvMfmyYXySSr23Tj1vsfIgVk1NoDfaKyJK0TbyceZn_pFhjh63ItTQDONk3Lews5k04NNrPy7RkHgtdSySvsQ-fyE3IAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1O0zfZfktMbMfj09x4z9G1A9WmqA%2526client%253Dca-pub-9785533834415065%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9785533834415065%26output%3Dhtml%26h%3D250%26slotname%3D3987083038%26adk%3D1746836503%26adf%3D28996181%26pi%3Dt.ma~as.3987083038%26w%3D300%26lmt%3D1678393220%26format%3D300x250%26url%3Dhttp%253A%252F%252Ftuihoctaichinh.com%252F%26wgl%3D1%26dt%3D1678393220426%26bpp%3D1%26bdt%3D912%26idt%3D245%26shv%3Dr20230307%26mjsv%3Dm202302210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D883741237089%26frm%3D20%26pv%3D1%26ga_vid%3D2087292303.1678393221%26ga_sid%3D1678393221%26ga_hid%3D163159275
0%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1132%26ady%3D582%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759837%252C44759926%252C44777876%252C44774292%26oid%3D2%26pvsid%3D84248036881030%26tmod%3D2093322584%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DXqlIp1w0eL%26p%3Dhttp%253A%2F%2Ftuihoctaichinh.com%26dtd%3D250&ancestorOrigins=null&random=5213400324453&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3567e0065545541017039d7cacf3cc48b9b6177a79dc1a83ce2158092f229213

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2027
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Mar 2023 20:20:22 GMT
Expires
Thu, 09 Mar 2023 20:20:22 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 1670
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60870300195724000951393012258015
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60870300195724000951393012258015
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B
Image
General
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:22:58 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA1C:C356_91EFC182:01BB_640A3F86_B8221A0:2FD2C
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
truncated
/ Frame 1670
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca440ee46356a137f389050dba4ac509d8dcff623d65e1d9f350635525178d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 5566
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Mar 2023 20:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 20:01:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Mar 2023 20:20:22 GMT
/
hal9000.redintelligence.net/scale/ Frame 5566
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
620699f9fc4373204a8c8cdb71c2af220bbca8072618c29f18c67ca3bb5aaed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16265
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5566
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3e7fbc229cfb2c71266b11c95aecf2ebcbd0fc930cba3d8adfab63b32eac2bbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16545
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5566
13 KB
13 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
53d78e3eec0c95cf04f4649a4ff97111fcb02e2dd9cf8d009b023de8f14a834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13012
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 08C4
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efbf9fd35c3f22c20c5e0c6bed818077f811e27cf33f30314696176bd9146305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41432
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Mar 2023 20:20:22 GMT
ts.js
cdn.retailads.net/ Frame 5F15
5 KB
5 KB
Script
General
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2391955529
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:22 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
etag
"14aa-5d6188919baaa"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5290
viewability
hal900015.redintelligence.net/ Frame 5566
0
150 B
Script
General
Full URL
https://hal900015.redintelligence.net/viewability?s=60870300195724000951393012258015&a=23f594d6&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:22 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5566
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 15:41:23 GMT
x-content-type-options
nosniff
age
16739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 15:41:23 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5566
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 00:28:56 GMT
x-content-type-options
nosniff
age
71486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 00:28:56 GMT
pvClk.min.js
analytics.webgains.io/ Frame 1670
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=60870300195724000951393012258015&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 12:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
29261
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
NQ9Z8xahwcnc-Rf6Dtg15WEavC4DS0xCu7AyRzDy3B4q1BR3iH0UDA==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 1670
85 B
438 B
Image
General
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1678393522&Signature=OtWQzR8YVIyALZPVjAIPMwbd8EnfiypiKexX1iTMnRocLLq5QNKwJ6290KmOKebV~Fs5oJvJxrXa9pht0iwuhjU1PmDAaOUXuWu3fqufUyTA~dp6n5bZ~XMuFEU5fr9zrZ5nFpD~hbYiA9vSp5NtVgDBBYR~mAl09QTM7NtOkgO7r0GaqKkEM9Ab~nQm8O6JRQv825opdvTjYvLjll4U4SLYLpw7n-twDRgSgTRUeSJbL-obDE1ry3qfmUKNNuuvk3~9F3E3DTX2x5yJZEOFJsJF-WnBLHJcv5gzH33HD5YdnUVii9rTOXvG48TfDOxOKvA~HuxeIwQNv1HEtFFnwA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9785533834415065&output=html&h=250&slotname=3987083038&adk=1746836503&adf=28996181&pi=t.ma~as.3987083038&w=300&lmt=1678393220&format=300x250&url=http%3A%2F%2Ftuihoctaichinh.com%2F&wgl=1&dt=1678393220426&bpp=1&bdt=912&idt=245&shv=r20230307&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=883741237089&frm=20&pv=1&ga_vid=2087292303.1678393221&ga_sid=1678393221&ga_hid=1631592750&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1132&ady=582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44777876%2C44774292&oid=2&pvsid=84248036881030&tmod=2093322584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XqlIp1w0eL&p=http%3A//tuihoctaichinh.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 09 Mar 2023 04:01:44 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
58719
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
TWcmHzG1JLvWb18PbO8SMQAFmGw0PbV8D2JWAB63vScWRVPkBSBq3Q==
dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488
adservice.google.com/ddm/fls/z/ Frame DA82
42 B
262 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKvv7Vz_0CFUXMOwIdLK4Nbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3095964519860.488?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Mar 2023 20:20:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230307&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9785533834415065&plah=tuihoctaichinh.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e691665873b3bfaf44eb8e57ddaf039d2c4ee7c38fdca72d36d04ee253e99bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tuihoctaichinh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 20:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11121
x-xss-protection
0
/
www.facebook.com/login/ Frame B38E
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1835482928fd48%26domain%3Dtuihoct...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1835482928fd48%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D0%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=aedb293580d8467085164b38743e2c34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://tuihoctaichinh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 09 Mar 2023 20:20:22 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
+HbkJaktPTWaDbXHiFCvCqLoLTIwdKqpQ1Dc/dcEtzCp5m/HqxNa5GSTasPDlAbjDhb/LZ4nmol5JW1qU8RO8Q==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 20:20:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1835482928fd48%2526domain%253Dtuihoctaichinh.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Ftuihoctaichinh.com%25252Ff3500e6b727660c%2526relation%253Dparent.parent%26container_width%3D0%26height%3D455%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftuihoctaichinh%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D341
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
SJkyrPoPYs4bsGCZJrpoyN5QEOXxe+f6JU4SDVlZvp3QVYEA7iDPVYtWPZ039ps+KZyOtDOlt2iqno31JC06FQ==
x-fb-rlafr
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
0
0

tracking-event
api.webgains.io/ Frame 1670
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Mar 2023 20:20:23 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 09 Mar 2023 20:20:23 GMT
server
nginx
viewability
hal900015.redintelligence.net/ Frame 5566
0
150 B
Script
General
Full URL
https://hal900015.redintelligence.net/viewability?s=60870300195724000951393012258015&a=23f594d6&vb=v
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=60870300195724000951393012258015&a=1be0e8bd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 20:20:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| MathJax object| _wpemojiSettings function| advanced_ads_ready undefined| $ function| jQuery object| adsbygoogle object| oneall function| oa_social_abstract function| oa_social_login function| oa_social_link function| oa_social_sharing object| _oa_asq function| oa_class object| _oneall object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wpcf7 object| scrollBackToTop object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter object| screenReaderText object| jpfbembed function| fbAsyncInit object| wp object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji number| height object| FB function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| __buffer object| googletag object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
.tuihoctaichinh.com/ Name: __gads
Value: ID=9018393f1d443570-228002c347dd00fe:T=1678393220:RT=1678393220:S=ALNI_MblrBaIBUj5UBYW0Nt71o6w3oUGTw
.tuihoctaichinh.com/ Name: __gpi
Value: UID=00000bc2bfab1e8b:T=1678393220:RT=1678393220:S=ALNI_Mbt-dL5aKoKsrSWw8JmPMViQGIO9A
.doubleclick.net/ Name: IDE
Value: AHWqTUlKruoY4KbT65460FXij6UMTya9k0h66Bi6SKDivRPLWiJ_f4z9PsXYsrjSmtc
.mathtag.com/ Name: uuid
Value: 4c02640a-3f85-4101-bc20-2ff6bf29b41c
.retailads.net/ Name: ppb2172
Value: 2391955529
.futalis.de/ Name: raSIDb
Value: 2391955529
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1678393222507,"clickCookie":false}}
pb.media01.eu/ Name: ASP.NET_SessionId
Value: udo30snipnw4jguyd5kennwi
pb.media01.eu/ Name: DTU
Value: 47B07C38283D11B3A5D9E91481687BD8

2 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
