URL: https://1.banksieutoc.one/
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3035::ac43:b9d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1.banksieutoc.one.
TLS certificate: Issued by GTS CA 1P5 on November 11th 2022. Valid for: 3 months.
This is the only time 1.banksieutoc.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
21 | banksieutoc.one | 1.banksieutoc.one, banksieutoc.one | 5 MB
16 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 103), tpc.googlesyndication.com (Cisco Umbrella Rank: 139) | 204 KB
6 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 6132) | 13 MB
5 | gstatic.com | fonts.gstatic.com | 60 KB
2 | google.com | adservice.google.com (Cisco Umbrella Rank: 72), www.google.com (Cisco Umbrella Rank: 2) | 2 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 34) | 5 KB
2 | wikipedia.org | vi.wikipedia.org (Cisco Umbrella Rank: 165805) | 2 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 2 KB
1 | inetstatic.com | api.inetstatic.com (Cisco Umbrella Rank: 579895) | 762 B
1 | google.de | adservice.google.de (Cisco Umbrella Rank: 11832) | 792 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 840) | 700 B
1 | pikbest.com | img.pikbest.com (Cisco Umbrella Rank: 177897) | 51 KB
1 | luongchinh.xyz | luongchinh.xyz |
Total: 63 requests, 13 domains

Requests | Domain | Requested by
13 | pagead2.googlesyndication.com | 1.banksieutoc.one, pagead2.googlesyndication.com, tpc.googlesyndication.com
12 | banksieutoc.one | 1.banksieutoc.one, banksieutoc.one
9 | 1.banksieutoc.one | 1.banksieutoc.one
6 | i.imgur.com | 1.banksieutoc.one
5 | fonts.gstatic.com | fonts.googleapis.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | vi.wikipedia.org (1 redirects) | 1.banksieutoc.one
2 | fonts.googleapis.com | 1.banksieutoc.one
1 | www.google.com | tpc.googlesyndication.com
1 | api.inetstatic.com | banksieutoc.one
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | img.pikbest.com | 1.banksieutoc.one
1 | luongchinh.xyz | 1.banksieutoc.one
Total: 63 requests, 16 subdomains

This site contains links to these domains.

Domain
m.me
nhantien.momo.vn

Subject | Issuer | Validity | Valid
*.banksieutoc.one | GTS CA 1P5 | 2022-11-11 - 2023-02-09 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.luongchinh.xyz | E1 | 2022-12-08 - 2023-03-08 | 3 months
*.pikbest.com | GeoTrust RSA CN CA G2 | 2022-03-04 - 2023-03-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.google.de | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
*.inetstatic.com | E1 | 2022-10-17 - 2023-01-15 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months

This page contains 5 frames:

Primary Page: https://1.banksieutoc.one/
Frame ID: F69C93646F904A524B24C3AF44574881
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 386C1A2D65D7ECA9F5B8E557F08677B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796296997108553&output=html&adk=1812271804&adf=3025194257&lmt=1670933514&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1.banksieutoc.one%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670933514603&bpp=4&bdt=1372&idt=234&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2293471278521&frm=20&pv=2&ga_vid=1678223099.1670933515&ga_sid=1670933515&ga_hid=1464914470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C31071263%2C44780792%2C21065724&oid=2&pvsid=1922309807031484&tmod=4221779&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: 9BEDF79299201A25DC7D6DC221850509
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 74E55EE5B7DBA780FF960BD161412876
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C24113F1E88DE429AE969267B3F81ED
Requests: 2 HTTP requests in this frame

Page Title

Chạm Tay Ngay Trúng Ngay Tiền Tỷ - Kiếm Tiền Trong 1 Nốt Nhạc

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 63
HTTPS: 94 %
IPv6: 79 %
Domains: 13
Subdomains: 16
IPs: 15
Countries: 3
Transfer: 19574 kB
Size: 20211 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://vi.wikipedia.org/wiki HTTP 301
  • https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1.banksieutoc.one/
35 KB
8 KB
Document
General
Full URL
https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2f143e4d8688657329cac0e0e7163e9777834f7b6e66b9e7e3f550839554adb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
778e9ad658999134-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 12:11:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BG9WwnRK1tuolBVXA17ulSFRrJx1MT%2FKiW%2FtHPwrvNMcMVcvY%2FHPXtbr17VKz5iQILY2Tu0VgY60R6rJ6fK2eks4Z32%2BAMJksa1OdbfOETUjV9V3rqX%2FvCYAfcvJp6lzQj1KLTwPKmzFq9p9fXigA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
css2
fonts.googleapis.com/
1 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Goldman&display=swap
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6339159f209ed801b5bf3c0b681f73490f9e6cb1b4f03827d07ffe6228fe9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 12:11:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 12:11:53 GMT
css2
fonts.googleapis.com/
9 KB
853 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2121d80a0dd495935b5cb038a4f508bccfc8aac628af516b34eeebf76900c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 12:11:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 12:11:53 GMT
stylea4b4.css
banksieutoc.one/assets/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://banksieutoc.one/assets/css/stylea4b4.css?v=1670933513
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e60ae7116b526ceb55512bf7299f3f38a2a8171fb0e6aadc6fce185ee20e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 05 Dec 2022 10:56:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mFB03dxE3WWW1SnkkrIqVYjQHtKD3tv%2FqqJj6RkfmY8v0%2Bhn%2FAK4%2BZdlHrRa52NpVShFQl5udxzH32gU28lTR%2BQxQbDw0q5yV%2Fz9PvmUN%2FstUZatbsuc%2B04Jn5V3BYCYZquTENlU0ck0hZ5aM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8cc9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
tomdz.css
banksieutoc.one/assets/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://banksieutoc.one/assets/css/tomdz.css
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b95cc10c5b0224655793f2baec6eaafa265e557606cc212d02a3f40c683cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 30 Sep 2022 14:39:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUx8MKlz1D3tzfe4r7vFAMQ54gz6JkIuKFF4dZwUvfEorF1otScUuBbt85zxwZxGEIRT4hbXr%2FXiATHhwm4w7boaCaSOMtO0lrNfZFM9vcA%2BpQXgg681tPxJb%2FDk%2BG5KU%2BH0JpOyIcBrSpT0bPM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8ce9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
boxicons.min.css
banksieutoc.one/assets/css/
62 KB
11 KB
Stylesheet
General
Full URL
https://banksieutoc.one/assets/css/boxicons.min.css
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDDR1jX9sltE74YJtPcO1tMv6JQrQwJRtKB8QxfRQKbC20i6aPkBnWoUwInL02cNXv%2FIvNjlbkgupdybxsc71pZIlAaeNFb%2FHZugKI10u1PDqSpxM0oxXactRq9%2BfIBvJP6P6M%2Bed0FP7NQKQ60%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8d09134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
jquery-2.1.0.min.js
banksieutoc.one/assets/js/
82 KB
30 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/jquery-2.1.0.min.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3270f295222b076621426ed5dd098bf593915075d714dcacc60ebbeb343ca68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2BbangFCAOtS71LMv1cHZGp5HIvrvpJ5bqiITm%2BI82roHgcZHHiY9jsO%2FETnSQjmu7H24cILzwDsjYInQGOqfilEDKjpIMZNl0KbVpCDvOfrzeERyq8Cf0sVw6Av43nAp4KDcP8y0gIxUgRM5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8d59134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
Trang_Ch%C3%ADnh
vi.wikipedia.org/wiki/
Redirect Chain
  • https://vi.wikipedia.org/wiki
  • https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
0
0
Script
General
Full URL
https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Server
2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date
Tue, 13 Dec 2022 12:11:53 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp3050 miss, cp3052 miss
server-timing
cache;desc="miss", host;desc="cp3052"
content-length
0
x-client-ip
2001:ac8:20:303::203e
last-modified
Tue, 13 Dec 2022 12:11:53 GMT
server
mw1370.eqiad.wmnet
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary
Accept-Encoding,X-Forwarded-Proto,Cookie,Authorization
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
text/html; charset=UTF-8
location
https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
cache-control
s-maxage=1200, must-revalidate, max-age=0
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
bootstrap.min.js
banksieutoc.one/assets/js/
36 KB
10 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/bootstrap.min.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2ecab2d0408a6d42f6517039d063e1912639d03fe000c78a0184d8b53c4379

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66n1U7IgmJlkaH%2FB2wC8jkz%2BW3WpiGhB1PA9YuPRTF3BEOKcqZbGRzjR7BTake%2FsakrSzMRm3dQVRXaPgQ1%2F2xTv%2BCsxTREupwolsbb9RPL6CJvHol0MCRRtFXbpuAAIUgLElrHjWfaod1n8OJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ada08ee9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
lazyload.js
banksieutoc.one/assets/js/
62 B
345 B
Script
General
Full URL
https://banksieutoc.one/assets/js/lazyload.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c3f7bd05bac2b7f2dfd13729c5ea58966323e164d800a42a52bec2e48cc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NEuRQPCb5uCUpXMLqE7f%2FWTT3Hg0%2BBREPFJfdxLE6xymmn87b3kAOtTnFvP0X%2BWOGu9lO%2FQIDoQFqQERSks5waYqUAt6Hdb14hN6vPTsXf9oan%2BaWOiFDoQf61SKetcZF7LpGlyZi7bNddlFdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8d49134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
jquery.cookie.js
banksieutoc.one/assets/js/
2 KB
1 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/jquery.cookie.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd83af26ed5c6d49c1d4401a4d9e438bc8f173b639dc8dfb0838c4e70be973a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9mMLbcfgOw7NmGQhtEoWhQOk6JlAG7Kb3e7kyNzxoPVFNT3rFiQ24jHzObsazzsQ3ycX2sLVCUqFIldNTNfN5fe82HMmsE7rTNtly5zihCSGz23oYRbd5X%2F%2FjBQcc%2FZF3%2BygvJVdKy%2F7ugHphg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8d29134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
js.cookie.js
banksieutoc.one/assets/js/
2 KB
1 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/js.cookie.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310b5be9f2f9529d876e9ab4b36a2f12db338af9006a56914ead796225ebbe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPL5FihQieVd0XCWsi0Vvc0qSDBoFDR09bDlHD90Zbe77KNl6M06VOh6Cq6QPyBiu5kPP8kRnei1odrR51FzRJU2cM1%2BSt9DHBMlOy6rpwrRNQNQ2qW3rVVqK1sLMquFCxxNrGBjgOFEhpYJUAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ada08ed9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
bootstrap-datepicker.min.js
banksieutoc.one/assets/js/
33 KB
10 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/bootstrap-datepicker.min.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673cbae0dc0af2fe20d57a6e5cb9ceb59bfb21f1be7fba8da69ad8beccd52ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBsWhhP6v3OWNs0VxwyoA%2FGaM3VZBD7YDqcPTjM8Ivep1jRY%2FfJiAj3LNB7ulF%2FMdgm1sQhhWAMuuuxmf9FAHqXzS%2Bpo%2BTLOtpTkd%2BvD8Se16tkXeZ3Dl2dvdUIYQtXhCJB4R69mCi7FCFWC%2BSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ada08e99134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
sweetalert.min.js
banksieutoc.one/assets/js/
40 KB
12 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/sweetalert.min.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136574919ae28c81048d019e30bcea1b382b8be9f517dca3ad66b1c6b38be6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWC%2FC8PI%2FEAAcwyW5Z2h8ThjjZbsao0u5yAdnijI7AkRQkREJwErMzTbnmotwMmTypjWwBonlsaYqzALlk3Wo6oNbIHsG8HndWcNubRH%2BskR8z9q9wGsnsyNviLrI25%2BP7UO4eCbkJ4MKf5Kgv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8d79134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
tomdz.js
banksieutoc.one/assets/js/
1 KB
691 B
Script
General
Full URL
https://banksieutoc.one/assets/js/tomdz.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a70373be25d13d2429f19f19bccbef46e76fefef84d47d423133818b327430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn6XyuEA7fbdqXmDdB1LRkxrYzBWhDI0%2BG13Jbja9EPocSOfsdtsvGEJgpACfz8dwaNj6088lFhlcRS3ySIqBXuR%2F4ni8TSw7ieYpBIT68Qucho0xctmnF59FLfxSaN%2B5gZLt2BpLh4WFYVyaxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8d19134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
cookie.js
banksieutoc.one/assets/js/
1 KB
1 KB
Script
General
Full URL
https://banksieutoc.one/assets/js/cookie.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca391a0e148956a0a652cba32cf5d5cd36211e8dc050dd1aa0c2eb520ca3b22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 04 Sep 2022 06:19:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F9%2FKNOJxCpXJwRvkcwbiEtrGL3MqwGnNf8y%2BDcLY8IwjUy6lMREw9sY23tVfSaAFBhAf%2FFN3LN4n%2F57iPtWDo0E0ZSADFnUXwtL8YEcw0Io5fFtthr13LGlj6TntGTmwdDqgsyt4wOOJalXH08%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8da9134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
rotate.js
1.banksieutoc.one/assets/Scripts/
11 KB
3 KB
Script
General
Full URL
https://1.banksieutoc.one/assets/Scripts/rotate.js
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaee62b88cfa903114d5f3790dbb26412a313abb502d00ec3906ef8597bdfeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZysDbdZy3ZBmDiTpAxL5PzoBSEcn2f60WPZ4AXRM%2F%2FTV4CBaqUhNAEO2o7VmLdYIUfa3sbRVw3PkOwYnQPaJLq7Nd%2Fn%2FkZTXDKkPgI34PzxNm5%2BIsWjdxsfgHAibGcGAXJJMdScajmzsuxQB9WrtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9ad9f8c19134-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:53 GMT
F8Uw4W0.png
i.imgur.com/
326 KB
327 KB
Image
General
Full URL
https://i.imgur.com/F8Uw4W0.png
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
12ee99233b88a13fb32809cd6213690bea24416bff014e280042117e1fb9a513
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
717627
x-cache
HIT, HIT
content-length
334103
x-served-by
cache-iad-kjyo7100101-IAD, cache-hhn-etou8220052-HHN
last-modified
Mon, 05 Dec 2022 04:51:26 GMT
server
cat factory 1.0
x-timer
S1670933514.468750,VS0,VE2
etag
"21987c1600ad4638fbed08ba4c451e4b"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
46, 1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4796296997108553
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a9a0bf92afdd0a87621caa8e391d203a5c8e333c753b9e3d7303b9bf5e765d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1.banksieutoc.one/
Origin
https://1.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49387
x-xss-protection
0
server
cafe
etag
18153695105531286030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:11:54 GMT
RFAsKik.png
i.imgur.com/
261 KB
262 KB
Image
General
Full URL
https://i.imgur.com/RFAsKik.png
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ebb866e41501547ff216d82aea50cb78040ab6821e3ce6a39c40ff418d34199c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2770405
x-cache
HIT, HIT
content-length
267774
x-served-by
cache-iad-kiad7000117-IAD, cache-hhn-etou8220052-HHN
last-modified
Thu, 03 Nov 2022 22:50:03 GMT
server
cat factory 1.0
x-timer
S1670933514.469821,VS0,VE5
etag
"820499815b5dc40c06254348736c4192"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
113, 1
24.png
1.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://1.banksieutoc.one/upload/vongquay_kimcuong/thumb/24.png
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32944879411986a6c5bc5886d2d261e9cd2541dbbee09baf88834a765e2a6ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrMSxTAdfifpxc2wGMjZZsrFEnxTQ1aLf%2F5ptgVy%2Fp07rDvhvijsGRi%2Fkk%2BIDaRf5Q62lqWv0UKNXFUO2LcgACLH1sYpofLN5ee3GTI38ScWr3cKyNZgbE7GZ%2BlVv32%2Fr%2Btjgvl%2BYOS2olQOHZvcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
778e9addeca89c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1297147
expires
Tue, 20 Dec 2022 12:11:54 GMT
quauynhanhedit.gif
1.banksieutoc.one/assets/images/
298 KB
299 KB
Image
General
Full URL
https://1.banksieutoc.one/assets/images/quauynhanhedit.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14a7c21a22af60f3d087d0fc59bed5a36ab845fd9fb09e9be0350eee7d273cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpcJayQjT%2FLpSsp1T4Lh8dDJHHe1WPxV3vKRaP3RUsstP3cBGjuau2hNrs41RBPg9A%2F8InaGkCZBppwEvdBQF9o3oR6HHTO%2BvJDgrv4y%2BjrVeGD0rFraDSU4wuRWKCR1sIT94%2Bo7EZVeUptZeLX%2FaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
778e9addecac9c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
305363
expires
Tue, 20 Dec 2022 12:11:54 GMT
23.png
1.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://1.banksieutoc.one/upload/vongquay_kimcuong/thumb/23.png
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31986a080a23215077cf4b7d5bea8c38ab0f380c55c9361616b4f14e623c5a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnEl8k%2BIv1IVdJ4Qw2csk68HORZxlRSB8TSYHgzHSVvdBrV4%2Bz6udPGm8n5tJgSwLLRY2iAYK3sJxWxrOSLz8f7kfRKIy%2Bl%2Fjbm4VltLeEVDfbk6OMtDcB0ZMRthASffvcCdODOZJz0r3JYXNKOLOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
778e9addecb09c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1469821
expires
Tue, 20 Dec 2022 12:11:54 GMT
22.png
1.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://1.banksieutoc.one/upload/vongquay_kimcuong/thumb/22.png
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac3d760ee871c78b15222b2370b5ed4bce580b534ea6d4c27921911a7fee560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wMuXvgW1s3%2BXrVVh%2BYd7C5CFVJ01Msuf3Wlki5FWcXQbCIBZ7MLTEgp65Z7YbFCuV3xSNfYOqxmeluUkItA2P2r5q%2Frh0zrPE5y2C6U8CRT8xxgLBvXF%2BoPpdnGSVP3Cid0yiEyti6bRTVC10iI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
778e9addecb29c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1294529
expires
Tue, 20 Dec 2022 12:11:54 GMT
21.png
1.banksieutoc.one/upload/vongquay_kimcuong/thumb/
1 MB
1 MB
Image
General
Full URL
https://1.banksieutoc.one/upload/vongquay_kimcuong/thumb/21.png
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8722aa73cde3508a528d76e459946fe18d495a85dc9f0e5bb039c7361621c8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itkSuQ7MZXCfOA%2BmxOB2gGC1hI4BuqlJUWGih%2Bb5sQruQx%2FZEPDKFCxLiC5ptJPH7w8v34KogQHsVyJNk8r49EXO6xFohxbuDTsSmlAg9p3ub%2Bvnd8q%2FwPueN%2B0kmhnD2L5aLY8zTd0EJe40uWwxKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
778e9addecb79c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1267097
expires
Tue, 20 Dec 2022 12:11:54 GMT
zLny7wu.gif
i.imgur.com/
3 MB
3 MB
Image
General
Full URL
https://i.imgur.com/zLny7wu.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
37c0b0ee897779b8eafcfd52d4e8b8b3db97aba0a2eb503e40414ab638497de2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2393777
x-cache
HIT, HIT
content-length
3090096
x-served-by
cache-iad-kcgs7200131-IAD, cache-hhn-etou8220052-HHN
last-modified
Tue, 13 Sep 2022 02:14:43 GMT
server
cat factory 1.0
x-timer
S1670933514.471044,VS0,VE9
etag
"4039023b4a9eba231ca2d37ebeabc680"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
116, 1
yw0W5yQ.gif
i.imgur.com/
3 MB
3 MB
Image
General
Full URL
https://i.imgur.com/yw0W5yQ.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
72a6f859e57d001df144874f8c7b48eff5302ff4fa5931fd10f61c58a7d73531
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
618603
x-cache
HIT, HIT
content-length
3106162
x-served-by
cache-iad-kjyo7100144-IAD, cache-hhn-etou8220052-HHN
last-modified
Thu, 08 Sep 2022 12:14:24 GMT
server
cat factory 1.0
x-timer
S1670933514.469463,VS0,VE9
etag
"82bb196a1bba611fec800cfc988a77c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
37, 1
642C7Iz.gif
i.imgur.com/
4 MB
4 MB
Image
General
Full URL
https://i.imgur.com/642C7Iz.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
045b227715c7bf0c850021feea5d019754ede09773b64e17c78ac41633709357
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
1607577
x-cache
HIT, MISS
content-length
3931552
x-served-by
cache-iad-kcgs7200055-IAD, cache-hhn-etou8220052-HHN
last-modified
Tue, 13 Sep 2022 02:10:31 GMT
server
cat factory 1.0
x-timer
S1670933514.469429,VS0,VE152
etag
"c0bc1e7cc0567c0f7c6a29195d0018a4"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
117, 0
QB8TXCC.gif
i.imgur.com/
3 MB
3 MB
Image
General
Full URL
https://i.imgur.com/QB8TXCC.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0950b077b520413531add5961351d2c7b4d4f14cc3e6d12c875435fd237a235f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
776242
x-cache
HIT, HIT
content-length
3215613
x-served-by
cache-iad-kcgs7200082-IAD, cache-hhn-etou8220052-HHN
last-modified
Thu, 08 Sep 2022 11:43:35 GMT
server
cat factory 1.0
x-timer
S1670933514.469397,VS0,VE12
etag
"bb8ffe85f33ac69e1e81c4b7cb4319ac"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
57, 1
234632nh%E1%BA%ADn%20qu%C3%A0%20noel.gif
luongchinh.xyz/tep-tin/
0
0
Image
General
Full URL
https://luongchinh.xyz/tep-tin/234632nh%E1%BA%ADn%20qu%C3%A0%20noel.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

kuna4b4.js
1.banksieutoc.one/assets/frontend/js/
4 KB
2 KB
Script
General
Full URL
https://1.banksieutoc.one/assets/frontend/js/kuna4b4.js?v=1623309620
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331ae6c492db1af9f218583eb67a79ffdb102bef00fe26b9284c3adbd258e07e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf0o7hTxWvJ1YF2gnWnhFX0OgrKTPdTZtKDwWcaDbY%2FH3wFezRBH4HeGWBYoSlikftgpLC%2FbkJJIP0q3XghCJTAnlNutU3ZVDSYdV2%2Bk86WZb1WBG0rHfm1wGbCeJ0XJvg42M8fVnvRo%2FyM%2BApxi%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
778e9adcca849c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 12:11:54 GMT
new-year-27s-eve-lantern-red-simple-spring-festival-background_6247306.jpg!bwr800
img.pikbest.com/backgrounds/20220119/
51 KB
51 KB
Image
General
Full URL
https://img.pikbest.com/backgrounds/20220119/new-year-27s-eve-lantern-red-simple-spring-festival-background_6247306.jpg!bwr800
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2569e10e92a7cc8bfd8f82152ba29b037528ff540de08daa1403b65ef323dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
via
T.166.N, V.pcw-cn-hkg-166, T.187.N, M.gtt-us-lax1-187
cf-cache-status
HIT
x-source
U/200, G/200
content-length
52062
x-request-id
995625cb5d7e8db6d7cde516669f602a
cf-bgj
h2pri
last-modified
Fri, 25 Feb 2022 08:09:11 GMT
server
cloudflare
etag
"f3e5e71c28fc65fa46eaab537af1571b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
778e9ae15e34906a-FRA
expires
Sat, 17 Jun 2023 12:11:54 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:09:50 GMT
x-content-type-options
nosniff
age
46924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:09:50 GMT
boxicons.woff2
banksieutoc.one/assets/fonts/
0
0

ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:45:21 GMT
x-content-type-options
nosniff
age
12393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 08:45:21 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:45:45 GMT
x-content-type-options
nosniff
age
12369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11760
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:07:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 08:45:45 GMT
vien.gif
1.banksieutoc.one/images/
8 KB
9 KB
Image
General
Full URL
https://1.banksieutoc.one/images/vien.gif
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198bd9546bfd29a99fe412b99f2313a3fa1b9e8afa658a47c5843d67960d48b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 12:11:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdsUoLmdoluy%2FufVSFLEi7Oxb3wzGC2LP4KR%2Bv0V0ZE88c9ED4Vw6jDqmMpevUicmXOgGnfA5G83Plor4U%2BTlp%2Bp3miUER0buOl4n3fQJhU2nc1na6Jnn5SuEmNsjkkll37M9XRHa44CWHOJoWlgpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
778e9addfcdb9c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8200
expires
Tue, 20 Dec 2022 12:11:54 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:45:53 GMT
x-content-type-options
nosniff
age
12361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11816
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:52:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 08:45:53 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1.banksieutoc.one
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:55:57 GMT
x-content-type-options
nosniff
age
11757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5564
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:11:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 08:55:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4796296997108553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fb024c4e143035c7bc6c634bca0acb039ecc9c623ed3caa3ed7c49ca10ad394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119970
x-xss-protection
0
server
cafe
etag
13401392082991444023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 12:11:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 386C
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4796296997108553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 02:12:13 GMT
etag
10353107486223812946
expires
Tue, 27 Dec 2022 02:12:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C44780792%2C21065724
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2021&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C44780792%2C21065724
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C44780792%2C21065724
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=1.banksieutoc.one&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C44780792%2C21065724
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=4&tms=200&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C44780792%2C21065724
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
397 B
700 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=1.banksieutoc.one&callback=_gfp_s_&client=ca-pub-4796296997108553&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7b5927532a299f37d35f8e66a963cc156564754aaf03ec2b176e38b6be594a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1.banksieutoc.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1.banksieutoc.one
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1.banksieutoc.one%2F&tn=DIV&id=myModal&cls=modal&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1.banksieutoc.one%2F&tn=DIV&id=myModal&cls=modal&ign=false&pw=1600&ph=1200&x=0&y=69.6
Requested by
Host: 1.banksieutoc.one
URL: https://1.banksieutoc.one/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 12:11:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9BED
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796296997108553&output=html&adk=1812271804&adf=3025194257&lmt=1670933514&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1.banksieutoc.one%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670933514603&bpp=4&bdt=1372&idt=234&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2293471278521&frm=20&pv=2&ga_vid=1678223099.1670933515&ga_sid=1670933515&ga_hid=1464914470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C31071263%2C44780792%2C21065724&oid=2&pvsid=1922309807031484&tmod=4221779&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 12:11:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
script.js
api.inetstatic.com/tracking/
200 B
762 B
Script
General
Full URL
https://api.inetstatic.com/tracking/script.js?referrer=https://1.banksieutoc.one/
Requested by
Host: banksieutoc.one
URL: https://banksieutoc.one/assets/js/jquery-2.1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.20.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.21
Resource Hash
82843a2293143c619a79d6a8d700e57fb72ea730d56cb5fa8a7cc0ca5bc90c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.21
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://1.banksieutoc.one
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2F6wfL8KtyZiq0CzcYto1qQBUvsuk2XYf5RKGhCeZ%2BOOGJHe3UTXIOm7hJjAmYnt0v8kcuOVAaDJETFOBsAn7eVRhwQIuUuBvVB0300mqZpZ2NSNf5TAy3JgcwDTR4SLrXoNMOQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
778e9ae49ee7faf6-DUS
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
boxicons.woff
banksieutoc.one/assets/fonts/
0
0

boxicons.ttf
banksieutoc.one/assets/fonts/
0
0

sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ba24e99fdcea99d17f4431377488c47a000bdcf520d74172c20ffe46c050d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11082
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4796296997108553&plah=1.banksieutoc.one&bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 12:11:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 74E5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 11:59:25 GMT
expires
Wed, 13 Dec 2023 11:59:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7C24
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
75a9cf3e1970fca327cca2cc15c96eaf99dbd07f3e0d163d5d459d9af764aff5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3dl3e626uB_XJfDAxKOF3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1.banksieutoc.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-3dl3e626uB_XJfDAxKOF3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 12:11:57 GMT
expires
Tue, 13 Dec 2022 12:11:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 74E5
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 10:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 10:51:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C24
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1922309807031484&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 74E5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xgre8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:11:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1922309807031484&bg=!WlmlWR3NAAYgquz3AKo7ACkAdvg8Wj2n42APyqnfKaeQONYAEI4_t0Ztn3Wk_MePrqKP4kyoZNsAGgIAAABXUgAAAA5oAQcKAJyb5rwsZQCw9yLSzDyiTgj4xhOwNUpAFXyQEPRbzPPA8zSLRJJjSaHsm3o6D8_nD_OAd-iy4C8U-OWnptFmylM0y6o35zWx8eg66QtKzG-I-Vl9iB6t4diwIlpEicWV2P5wRKyGw8uMIrTgUT54XXpdcWZ5YvGtVitISMo5zKeD75x2-OivGJ5inICm-F_VJLDsAqZRrrs1eweSuSaZAuUHUH1-90S8U7PUZvf_nGPQ0Z2ZEFE-ZD8camYJw0ca8co1nqCaJ3eJ1CuYjkV1bIfU0q_xwWApWaHtJP26Df76HfJusCzMo1TlVAH6c1NeE0ZoAkVAFt4Yo_cHGKcQk63JfjFfzV8CrFmYLLIPyjpZaLFLBAntcmhiVD3FrhhpdoSL-QWguvpkNEePDjQzpWsgrb5gCePaYK3_-equCDnPZrHIAnHOsmHk0CUQaZLKHIU0NCY7zA3DbpH1gDN6-sapFSNNzPL-ziuv-PtPWQw-1usmgfLjZmwg8wubAPf_7rsCrbr-tWqyOuM2xkrStPsOutarvlqb5Bhu6pl-IV8jyLw0IRu4llyYjrMzBpMHHacavfLp_oZ2x2aZne0kO8_W5sivAt-tsCnoakk5JAkvQKOWLDYIX7Ks-dQTzsYaNNG8OYGbWteUjzHfJtKRcyFNa3vR33lQFMv03wvKD559KpRqtdYUWhlVmjFoNPaCMHniQ2DRBv_l7hnoOhJw-KkobGLFAJXRWkzBUG2P49antkbCaLsMKw-tspf_EC8ozFi0C5rOLTrtdoaMxT_XTzrGjj_6LYTCm4n4-lRfCni0wxEJQBHLgcsaRHdD3SZwzfcFWxjx_WZbKw83EsXUY2DgbPTrJL6qh10VrYGWiusdgP9f8R9OkvzPnHYjJ4nTrNezoZC5jdIRQr_KO36_2x-PBl6dzGAWdH_Zp3KoIIgujyHIXb54v4HMML-ec54iiHAIJnNZmM-4DRMnCOfswh2sCfPxjNIUpdZ_llmDY7yahYv8q0EiFGvOJFWRXeX1TIMY2Qnamuq1Vp7WmosojTov6GsAsN-nOVyfmoEe-1EQfpy2kW9MRC_3YpXOeULg-7rjfTqTis0CBjKtSP1eqxHbWqrXWWKVcXs6GuFX0sUufb7dIc0CTQiFpqeGxpgA1AyhZvyhD4UedtMBoiQch1h8zqhNZYvhRfk_Qqv-Q14jDpg8znU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1.banksieutoc.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
banksieutoc.one
URL
https://banksieutoc.one/assets/fonts/boxicons.woff2
Domain
banksieutoc.one
URL
https://banksieutoc.one/assets/fonts/boxicons.woff
Domain
banksieutoc.one
URL
https://banksieutoc.one/assets/fonts/boxicons.ttf

Verdicts & Comments

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| oncontentvisibilityautostatechange
function| $
function| jQuery
function| Cookies
function| setImmediate
function| clearImmediate
function| swal
function| sweetAlert
function| muarandom
function| muanick
object| Wilq32
object| theToggle
function| hasClass
function| addClass
function| removeClass
function| toggleClass
function| copyToClipboard
object| modal
object| btn
object| span
function| Tab
function| activeTab
function| buyRandom
function| buykc
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
boolean| google_measure_js_timing
object| google_tag_data
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_image_requests
boolean| _gfp_a_
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
function| google_sa_impl
object| googleToken
object| googleIMState
boolean| _gfp_p_
function| processGoogleToken
number| google_global_correlator
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
string| r
string| t
object| GoogleGcLKhOms

5 Cookies

Domain/Path: 1.banksieutoc.one/
Name: PHPSESSID
Value: d7e2cd5f0bf6a58d4ce39d566a8f871d

Domain/Path: 1.banksieutoc.one/
Name: PHPREFS
Value: full

Domain/Path: .banksieutoc.one/
Name: __gads
Value: ID=026e6b8e6ee0b2ee-222e6a360dd900f5:T=1670933514:RT=1670933514:S=ALNI_MYGMB8m_AAdt9waI2zIhPtqcS-hKA

Domain/Path: .banksieutoc.one/
Name: __gpi
Value: UID=00000b91b3171162:T=1670933514:RT=1670933514:S=ALNI_MZ3Yz2XwNA-XtIlYTkfO9X05HsTWQ

Domain/Path: .doubleclick.net/
Name: test_cookie
Value: CheckForPermission

8 Console Messages

Source Level URL
Text
network error URL: https://luongchinh.xyz/tep-tin/234632nh%E1%BA%ADn%20qu%C3%A0%20noel.gif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796296997108553&output=html&adk=1812271804&adf=3025194257&lmt=1670933514&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2F1.banksieutoc.one%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670933514603&bpp=4&bdt=1372&idt=234&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2293471278521&frm=20&pv=2&ga_vid=1678223099.1670933515&ga_sid=1670933515&ga_hid=1464914470&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794%2C31071263%2C44780792%2C21065724&oid=2&pvsid=1922309807031484&tmod=4221779&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://1.banksieutoc.one/
Message:
Access to font at 'https://banksieutoc.one/assets/fonts/boxicons.woff2' from origin 'https://1.banksieutoc.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banksieutoc.one/assets/fonts/boxicons.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://1.banksieutoc.one/
Message:
Access to font at 'https://banksieutoc.one/assets/fonts/boxicons.woff' from origin 'https://1.banksieutoc.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banksieutoc.one/assets/fonts/boxicons.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://1.banksieutoc.one/
Message:
Access to font at 'https://banksieutoc.one/assets/fonts/boxicons.ttf' from origin 'https://1.banksieutoc.one' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banksieutoc.one/assets/fonts/boxicons.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
