urlscan.io logo urlscan.io
SecurityTrails logo

ads.duongtamob.com Open in urlscan Pro
13.228.81.39  Public Scan

Go To Rescan Add Verdict Report
URL: https://ads.duongtamob.com/
Submission: On June 28 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 29 HTTP transactions. The main IP is 13.228.81.39, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is ads.duongtamob.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 28th 2024. Valid for: 3 months.
This is the only time ads.duongtamob.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.228.81.39 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
16 2600:9000:223... 16509 (AMAZON-02)
8 2404:6800:400... 15169 (GOOGLE)
2 52.221.176.50 16509 (AMAZON-02)
2 2 18.140.111.49 16509 (AMAZON-02)
29 5
1    13.228.81.39 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com
ads.duongtamob.com
2    2404:6800:4003:c01::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    2600:9000:223b:a00:11:52e1:b680:93a1 (United States)

ASN16509 (AMAZON-02, US)
w.ladicdn.com
8    2404:6800:4003:c00::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.221.176.50 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-176-50.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
2    18.140.111.49 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-111-49.ap-southeast-1.compute.amazonaws.com
static.ladipage.net
Apex Domain
Subdomains		 Transfer
16 ladicdn.com
w.ladicdn.com — Cisco Umbrella Rank: 66316
868 KB
8 gstatic.com
fonts.gstatic.com
228 KB
2 ladipage.net
static.ladipage.net — Cisco Umbrella Rank: 144930
139 B
2 ladipage.com
a.ladipage.com — Cisco Umbrella Rank: 74986
651 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
1 duongtamob.com
ads.duongtamob.com
33 KB
29 6
Domain Requested by
16 w.ladicdn.com ads.duongtamob.com
w.ladicdn.com
8 fonts.gstatic.com fonts.googleapis.com
2 static.ladipage.net 2 redirects
2 a.ladipage.com w.ladicdn.com
2 fonts.googleapis.com ads.duongtamob.com
1 ads.duongtamob.com
29 6

This site contains no links.

Subject Issuer Validity Valid
ads.duongtamob.com
ZeroSSL RSA Domain Secure Site CA		 2024-06-28 -
2024-09-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
w.ladicdn.com
Amazon RSA 2048 M02		 2023-10-12 -
2024-11-10		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
a.ladipage.com
Amazon RSA 2048 M03		 2024-04-17 -
2025-05-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ads.duongtamob.com/
Frame ID: AAE17E83CF2B3A3A694881B2505027AE
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dưỡng Tâm OB

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

1133 kB
Transfer

1846 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://static.ladipage.net/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png HTTP 301
  • https://w.ladicdn.com/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
Request Chain 27
  • https://static.ladipage.net/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png HTTP 301
  • https://w.ladicdn.com/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ads.duongtamob.com/ 		166 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.81.39 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
0e496e63c6bf0b62376d3b18c81a6038a73cc3145b084297eb7a8abc9a0eb929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Jun 2024 17:13:23 GMT
server
openresty
statuscode
200
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
686b6180ce69e5810a870340c4d3091b6b18cf1d60c7a88927a71dcee12806de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Jun 2024 17:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Jun 2024 17:13:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Jun 2024 17:13:23 GMT
ladipagev3.min.js
w.ladicdn.com/v4/source/ 		396 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1719454728158
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8c877aac44c70cf7437db7d5cdb382edc8afc64f21d9b56657bf8483f93ab9f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 07:54:26 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
33537
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
_RrUUF_wr021PJJD1M7Eor1NwyORPjFIb9YdQQJLAT1uY1-veeJ6Ww==
expires
Sat, 28 Jun 2025 07:54:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:43:01 GMT
x-content-type-options
nosniff
age
81022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:43:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:36:17 GMT
x-content-type-options
nosniff
age
81426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:36:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:39:20 GMT
x-content-type-options
nosniff
age
81243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16552
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:39:20 GMT
If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v25/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a29a97013ad393d493acb1e33515d103c2f6a2cf6634250faf7cc176720a6135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:24:27 GMT
x-content-type-options
nosniff
age
82136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42672
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:24:27 GMT
If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2
fonts.gstatic.com/s/dancingscript/v25/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92abb906ec46045377504faeb773712dd12fd5954b29d674eec20196bed2a3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 15:32:26 GMT
x-content-type-options
nosniff
age
6057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7768
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jun 2025 15:32:26 GMT
buE1poGnedXvwj1AW3Fu0C8.woff2
fonts.gstatic.com/s/tinos/v24/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v24/buE1poGnedXvwj1AW3Fu0C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:53:09 GMT
x-content-type-options
nosniff
age
80414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25136
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:03:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:53:09 GMT
buE1poGnedXvwj1AW3Fg0C8H-Q.woff2
fonts.gstatic.com/s/tinos/v24/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v24/buE1poGnedXvwj1AW3Fg0C8H-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff33373773d556c24be58d5e9d6b4dee09e858c5bccea39853c68e37e840f66a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:39:19 GMT
x-content-type-options
nosniff
age
12844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47580
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jun 2025 13:39:19 GMT
buE1poGnedXvwj1AW3Fh0C8H-Q.woff2
fonts.gstatic.com/s/tinos/v24/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v24/buE1poGnedXvwj1AW3Fh0C8H-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e94967ad640f7e238ed785cad8af319c4823ee952839be4dca4c796fcc36e22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ads.duongtamob.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 13:39:19 GMT
x-content-type-options
nosniff
age
12844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9292
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jun 2025 13:39:19 GMT
button-01-20200724065130.png
w.ladicdn.com/s224x58/5da6cb07a973800e7e31908d/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s224x58/5da6cb07a973800e7e31908d/button-01-20200724065130.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ff55cc6988ab591daa31ddb28a81f02060f8e5e271ed574683beef68de638669

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 01:42:22 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
2820661
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
Y3PhNFcv314erVFgc0M5rVN3FK2BGE0YxHFaCwmZjFl-vBVIWjpSlg==
expires
Tue, 27 May 2025 01:42:22 GMT
head_list_2-20200717064025.png
w.ladicdn.com/s350x350/5da6cb07a973800e7e31908d/ 		378 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s350x350/5da6cb07a973800e7e31908d/head_list_2-20200717064025.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f34b77358f7b7402a9e6431f955d6f1f02752ccf93afb028075f608fb940cede

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Mar 2024 00:06:31 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
9047212
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
RRJ6_3F96POBXvTqR89UnCxoy-CogfS-14FgN3Amx0rJs9hTJoOEmw==
expires
Sun, 16 Mar 2025 00:06:31 GMT
head_list_1-20200717064025.png
w.ladicdn.com/s350x350/5da6cb07a973800e7e31908d/ 		374 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s350x350/5da6cb07a973800e7e31908d/head_list_1-20200717064025.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2d2a678b33ff2cfa12d8fbf9841c1c994717943999d804eeaf1ba30cdde3243f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Jan 2024 13:17:55 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
13924528
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
AbofzjhQw9qsFdYX568vsi8MqocWvbuhMpg-KoXEiz265Iua-zBSAg==
expires
Sat, 18 Jan 2025 13:17:55 GMT
bg_01-20200917072236.jpg
w.ladicdn.com/s1440x643/5da6cb07a973800e7e31908d/ 		21 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1440x643/5da6cb07a973800e7e31908d/bg_01-20200917072236.jpg
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
78130380420952a1939f25d0e95ceed4263c3048106b1783a587642c5562eca7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 08:32:34 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
204049
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
JjyMROUJ7C3pW8sYh2Hjs0LhJkDGnSzXu09-ljs04EzKh2DW0HqifQ==
expires
Thu, 26 Jun 2025 08:32:34 GMT
dtob-main-01-removebg-preview-20240617071535-dr5gl.png
w.ladicdn.com/s750x750/5cd129bdc2076e52d083acfe/ 		204 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s750x750/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e93b700a3ae20a6c2e74a7b7bb2b5e35584b14996769a47c747f0aeda1e66962

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 07:15:53 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
35850
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
sUBWU7RdE1hrYg84DwVLMcgWzYFi2ZIRqYABsXMjV9cASY5Y-uUv1w==
expires
Sat, 28 Jun 2025 07:15:53 GMT
i_time-20200717064841.png
w.ladicdn.com/s400x400/5da6cb07a973800e7e31908d/ 		989 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/5da6cb07a973800e7e31908d/i_time-20200717064841.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a18560f9a3fb6e847c9b9511120877161772e54f8be2e6d55f7c9d5c9cbe73d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 11 Feb 2024 00:45:59 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
11982444
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
Bk6tRurvdyEScq2Y6WPa0xEsFATXiqDg1P8r6df1gZT3xyJphyNAmA==
expires
Mon, 10 Feb 2025 00:45:59 GMT
i_include-20200717064841.png
w.ladicdn.com/s400x400/5da6cb07a973800e7e31908d/ 		863 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/5da6cb07a973800e7e31908d/i_include-20200717064841.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb3c477d9640afc21834187a4c71ecc0d47a4ca68c616a0cf173919416fdbb78

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 00:15:59 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
8269044
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
lpUBg6ASJ0O384609wXY9eaZsjOO5f5VbuB5Fo6WX__hv86KiYRBIw==
expires
Tue, 25 Mar 2025 00:15:59 GMT
i_heart-20200717064841.png
w.ladicdn.com/s400x400/5da6cb07a973800e7e31908d/ 		983 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/5da6cb07a973800e7e31908d/i_heart-20200717064841.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
60ef2fb4347e5179701217fd70c218671c5736ea8a50fc4ce87303272638a088

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Jan 2024 13:17:57 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
13924526
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
9oRcqrT2LIz_pifT8pKqabqv8st5C7B1UTYrB8iB_NdmA_p5N_dEyA==
expires
Sat, 18 Jan 2025 13:17:57 GMT
button-01-20200724065130.png
w.ladicdn.com/s249x68/5da6cb07a973800e7e31908d/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s249x68/5da6cb07a973800e7e31908d/button-01-20200724065130.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bc3e3a7956aa6fc833d3f1072c093c07e3c3deaffc93774278c0f333760cc6a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 02:39:57 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
2126006
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
dxqDt1z5Ufp5CJuHjT_HzAZgHCapXkBgwNFf7g74AQg4TqKAeQhXpA==
expires
Wed, 04 Jun 2025 02:39:57 GMT
duongtamob-removebg-preview-20240626064027-x-g7w.png
w.ladicdn.com/s400x400/5cd129bdc2076e52d083acfe/ 		272 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/5cd129bdc2076e52d083acfe/duongtamob-removebg-preview-20240626064027-x-g7w.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5daced26d6cf24a34a2d40fe4d7300ab3a15b8948340ea29c97d9d94a150cd72

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 08:32:36 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
204047
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
-HcycjRftlzIWNPyMXb9szeTTji-sSRXpU7ySk4L70CafxU6fwyLlw==
expires
Thu, 26 Jun 2025 08:32:36 GMT
no-202110110414441-20240626063509-rshta.png
w.ladicdn.com/s450x400/5cd129bdc2076e52d083acfe/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x400/5cd129bdc2076e52d083acfe/no-202110110414441-20240626063509-rshta.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ef4b57cf9256912900a69e544759c514a246c9c8d66982e9f58498de304115db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 07:18:29 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
35694
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
Pf8fzwc7ZhgRLlbiNNurgls-d1Vj_-__2--PYQQO6bWIzsulrPEfMA==
expires
Sat, 28 Jun 2025 07:18:29 GMT
no-202110110414441-20240626063509-rshta.png
w.ladicdn.com/s450x350/5cd129bdc2076e52d083acfe/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x350/5cd129bdc2076e52d083acfe/no-202110110414441-20240626063509-rshta.png
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ef4b57cf9256912900a69e544759c514a246c9c8d66982e9f58498de304115db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 08:32:34 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
204049
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
TPEdd5SA_zQs80SDgQrDt4jn5rJVFsOBzv4Ji3EbX1mVh7779qktjA==
expires
Thu, 26 Jun 2025 08:32:34 GMT
css2
fonts.googleapis.com/ 		19 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Dancing+Script:wght@400;700&family=Tinos:wght@400;700&display=swap
Requested by
Host: ads.duongtamob.com
URL: https://ads.duongtamob.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
686b6180ce69e5810a870340c4d3091b6b18cf1d60c7a88927a71dcee12806de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 17:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Jun 2024 17:13:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Jun 2024 17:13:23 GMT
event
a.ladipage.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.176.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-176-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method
POST
Origin
https://ads.duongtamob.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 28 Jun 2024 17:13:24 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
0
ladipage.formdata.min.js
w.ladicdn.com/v4/source/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v4/source/ladipage.formdata.min.js?v=1719454728158
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1719454728158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
93b6f3a390932b3f0a95b5784967c97c18208e0e607267031437e6d1d35183cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ads.duongtamob.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 07:54:26 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
33537
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
pSDGuzTFgHXssKjYnBtIFFayUXaaea_QhUtQB56aug9ibDu5OWsZxg==
expires
Sat, 28 Jun 2025 07:54:26 GMT
event
a.ladipage.com/ 		125 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1719454728158
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.176.50 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-176-50.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
LADI_CLIENT_ID
34cfade0-9782-43ff-4a9a-f60a48f21613
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
Accept-Language
en-SG,en;q=0.9;q=0.9
LADI_CAMP_TYPE
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://ads.duongtamob.com/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1

Response headers

date
Fri, 28 Jun 2024 17:13:24 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
dtob-main-01-removebg-preview-20240617071535-dr5gl.png
w.ladicdn.com/5cd129bdc2076e52d083acfe/
Redirect Chain
  • https://static.ladipage.net/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
  • https://w.ladicdn.com/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
204 KB
203 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
Protocol
H2
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e93b700a3ae20a6c2e74a7b7bb2b5e35584b14996769a47c747f0aeda1e66962

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://ads.duongtamob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 08:32:37 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
204048
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
Kv1CavPLuZBy-vUC6wQUtxaDOdopnw7K0fsKlRIrikpBJWEye2rKZA==
expires
Thu, 26 Jun 2025 08:32:37 GMT

Redirect headers

location
https://w.ladicdn.com:443/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
date
Fri, 28 Jun 2024 17:13:24 GMT
server
awselb/2.0
content-length
134
content-type
text/html
dtob-main-01-removebg-preview-20240617071535-dr5gl.png
w.ladicdn.com/5cd129bdc2076e52d083acfe/
Redirect Chain
  • https://static.ladipage.net/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
  • https://w.ladicdn.com/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
204 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
Protocol
H2
Server
2600:9000:223b:a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e93b700a3ae20a6c2e74a7b7bb2b5e35584b14996769a47c747f0aeda1e66962

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://ads.duongtamob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 08:32:37 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
204048
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
Kv1CavPLuZBy-vUC6wQUtxaDOdopnw7K0fsKlRIrikpBJWEye2rKZA==
expires
Thu, 26 Jun 2025 08:32:37 GMT

Redirect headers

location
https://w.ladicdn.com:443/5cd129bdc2076e52d083acfe/dtob-main-01-removebg-preview-20240617071535-dr5gl.png
date
Fri, 28 Jun 2024 17:13:24 GMT
server
awselb/2.0
content-length
134
content-type
text/html

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| ladi_ttq function| lazyload_run function| equalsLadiPage function| isObjectLadiPage function| isArrayLadiPage function| isFunctionLadiPage function| isBooleanLadiPage function| isStringLadiPage function| isEmptyLadiPage function| isNullLadiPage function| parseFloatLadiPage function| decodeURIComponentLadiPage function| formatNumber function| textToNumber function| formatNumberComma function| textToNumberComma function| formatNumberDot function| textToNumberDot object| Base64 function| LadiPageScriptV2 object| LadiPageScript object| LadiFormulaData object| LadiFormApi object| LadiPageCommand object| LadiPageLocation object| LadiPageShopping object| LadiPageFormData object| LadiPageQueueCommandList object| LadiPageQueueCommand function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| language_set function| LadiPageLibraryV2 function| ladi function| ladi_api_fbq function| ladi_api_ttq function| LadiPageAppV2 function| sha256 function| sha224 object| LadiPageApp

6 Cookies

Domain/Path Name / Value
ads.duongtamob.com/ Name: LADI_DNS_CHECK
Value: "2024-06-28 17:13:23.3677844 +0000 UTC m=+145911.374383228"
ads.duongtamob.com/ Name: LADI_CLIENT_ID
Value: 34cfade0-9782-43ff-4a9a-f60a48f21613
ads.duongtamob.com/ Name: LADI_FORM_SUBMIT
Value: 0
ads.duongtamob.com/ Name: LADI_PAGE_VIEW
Value: 1
ads.duongtamob.com/ Name: _timenow
Value: 1719594803882
ads.duongtamob.com/ Name: LADI_UNIQUE_ID
Value: c36817f8-c303-4675-b528-59bfb5af13c5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
ads.duongtamob.com
fonts.googleapis.com
fonts.gstatic.com
static.ladipage.net
w.ladicdn.com
13.228.81.39
18.140.111.49
2404:6800:4003:c00::5e
2404:6800:4003:c01::5f
2600:9000:223b:a00:11:52e1:b680:93a1
52.221.176.50
0e496e63c6bf0b62376d3b18c81a6038a73cc3145b084297eb7a8abc9a0eb929
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
2d2a678b33ff2cfa12d8fbf9841c1c994717943999d804eeaf1ba30cdde3243f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb
5daced26d6cf24a34a2d40fe4d7300ab3a15b8948340ea29c97d9d94a150cd72
5e94967ad640f7e238ed785cad8af319c4823ee952839be4dca4c796fcc36e22
60ef2fb4347e5179701217fd70c218671c5736ea8a50fc4ce87303272638a088
686b6180ce69e5810a870340c4d3091b6b18cf1d60c7a88927a71dcee12806de
78130380420952a1939f25d0e95ceed4263c3048106b1783a587642c5562eca7
8c877aac44c70cf7437db7d5cdb382edc8afc64f21d9b56657bf8483f93ab9f6
92abb906ec46045377504faeb773712dd12fd5954b29d674eec20196bed2a3e6
93b6f3a390932b3f0a95b5784967c97c18208e0e607267031437e6d1d35183cf
a18560f9a3fb6e847c9b9511120877161772e54f8be2e6d55f7c9d5c9cbe73d7
a29a97013ad393d493acb1e33515d103c2f6a2cf6634250faf7cc176720a6135
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
bc3e3a7956aa6fc833d3f1072c093c07e3c3deaffc93774278c0f333760cc6a3
cb3c477d9640afc21834187a4c71ecc0d47a4ca68c616a0cf173919416fdbb78
e93b700a3ae20a6c2e74a7b7bb2b5e35584b14996769a47c747f0aeda1e66962
ef4b57cf9256912900a69e544759c514a246c9c8d66982e9f58498de304115db
f34b77358f7b7402a9e6431f955d6f1f02752ccf93afb028075f608fb940cede
ff33373773d556c24be58d5e9d6b4dee09e858c5bccea39853c68e37e840f66a
ff55cc6988ab591daa31ddb28a81f02060f8e5e271ed574683beef68de638669