urlscan.io logo urlscan.io
SecurityTrails logo

hocgooglenangcao.globaljsc.com Open in urlscan Pro
13.251.251.159  Public Scan

Go To Rescan Add Verdict Report
URL: https://hocgooglenangcao.globaljsc.com/
Submission Tags: @phishunt_io
Submission: On November 19 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 59 HTTP transactions. The main IP is 13.251.251.159, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is hocgooglenangcao.globaljsc.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 19th 2020. Valid for: 3 months.
This is the only time hocgooglenangcao.globaljsc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    13.251.251.159 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-251-159.ap-southeast-1.compute.amazonaws.com
hocgooglenangcao.globaljsc.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700::6812:c44 (United States)

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.136.79.231 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-79-231.ap-southeast-1.compute.amazonaws.com
static.ladipage.net
6    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:3033::6812:2a05 (United States)

ASN13335 (CLOUDFLARENET, US)
uhchat.net
2    104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
www.googleadservices.com
2    52.77.97.70 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-97-70.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
3    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
3    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
static-v.tawk.to
va.tawk.to
vsa79.tawk.to
Domain Requested by
18 fonts.gstatic.com fonts.googleapis.com
6 w.ladicdn.com hocgooglenangcao.globaljsc.com
4 vsa79.tawk.to embed.tawk.to
4 fonts.googleapis.com hocgooglenangcao.globaljsc.com
embed.tawk.to
3 cdn.jsdelivr.net embed.tawk.to
3 www.google.de hocgooglenangcao.globaljsc.com
3 www.google.com hocgooglenangcao.globaljsc.com
3 googleads.g.doubleclick.net www.googleadservices.com
3 uhchat.net hocgooglenangcao.globaljsc.com
uhchat.net
2 va.tawk.to embed.tawk.to
2 a.ladipage.com w.ladicdn.com
1 static-v.tawk.to
1 c.statcounter.com www.statcounter.com
1 embed.tawk.to hocgooglenangcao.globaljsc.com
1 www.googleadservices.com www.googletagmanager.com
1 www.statcounter.com hocgooglenangcao.globaljsc.com
1 static.ladipage.net 1 redirects
1 www.googletagmanager.com hocgooglenangcao.globaljsc.com
1 hocgooglenangcao.globaljsc.com
59 19

This site contains links to these domains. Also see Links.

Domain
youtu.be
Subject Issuer Validity Valid
hocgooglenangcao.globaljsc.com
Let's Encrypt Authority X3		 2020-11-19 -
2021-02-17		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-31 -
2021-07-31		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
a.ladipage.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh

This page contains 6 frames:

Primary Page: https://hocgooglenangcao.globaljsc.com/
Frame ID: D415944C0162EE415E4DC4AFC4039DEB
Requests: 50 HTTP requests in this frame

Frame: https://uhchat.net/chat/?f=5fe5c0&title=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&parent=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&ref=
Frame ID: FB1144EC11FAA88A4568BED0318C1ACC
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: AE66BC5D323FE6678D559ECBF08871E4
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: FAA44AF5C6D45D4EF273DF9CF8DE6A4C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 7225CCDC77DFEFA8D8921D169FB4C92F
Requests: 4 HTTP requests in this frame

Frame: https://static-v.tawk.to/a-v3/images/bubbles/168-r-br.svg
Frame ID: 0397EC78ABF7B9435683A5964F07625D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

59
Requests

98 %
HTTPS

72 %
IPv6

15
Domains

19
Subdomains

18
IPs

4
Countries

728 kB
Transfer

1907 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hocgooglenangcao.globaljsc.com/ 		247 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.251.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-251-159.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
cbe2145e01e8a90ca78cc27e75419df9d1bfc8d97d6cee79e15706deb42596fb

Request headers

:method
GET
:authority
hocgooglenangcao.globaljsc.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
openresty
date
Thu, 19 Nov 2020 15:37:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=1f03b8fd-03e9-4db8-6206-2d61b696d5cd; Expires=Sun, 17 Nov 2030 15:37:13 GMT LADI_PAGE_VIEW=0; Expires=Sun, 17 Nov 2030 15:37:13 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 17 Nov 2030 15:37:13 GMT LADI_PAGE_VIEW=1; Expires=Sun, 17 Nov 2030 15:37:13 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode
200
content-encoding
gzip
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c65f526695f9ca986adb3d0aa810a601a72944a80a4b936ea2c57e0186e77de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 15:37:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 19 Nov 2020 15:37:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 19 Nov 2020 15:37:13 GMT
ladipage.vi.min.js
w.ladicdn.com/v2/source/ 		163 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1605597584352
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab2f92331ff5816ffd7c0ff6c8f85f203960385ecb6eb90cc3306a82af3f923

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
202170
cf-request-id
0682c021d40000beba4b3f9000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5f4b02e2ec3ebeba-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 19 Nov 2021 15:37:13 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-489358626
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87520ce0a0380147b68df16749a01842e056f1914d5f35fe9e0767c7a203f900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38704
x-xss-protection
0
last-modified
Thu, 19 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Nov 2020 15:37:13 GMT
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1153954
cf-request-id
0682c024930000beba752e0000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5f4b02e75f62beba-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 19 Nov 2021 15:37:14 GMT

Redirect headers

location
https://w.ladicdn.com:443/source/notify.svg
date
Thu, 19 Nov 2020 15:37:14 GMT
server
awselb/2.0
content-length
134
content-type
text/html
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 19:32:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
590688
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 12 Nov 2021 19:32:25 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 16:29:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
256049
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Tue, 16 Nov 2021 16:29:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 23:06:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
232257
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 16 Nov 2021 23:06:16 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 09:05:32 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:33:54 GMT
server
sffe
age
196301
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30940
x-xss-protection
0
expires
Wed, 17 Nov 2021 09:05:32 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:20:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
188192
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7292
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:20:41 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:20:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:25 GMT
server
sffe
age
188193
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7208
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:20:40 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 16:54:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
340936
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
expires
Mon, 15 Nov 2021 16:54:57 GMT
BngMUXZYTXPIvIBgJJSb6ufD5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufD5qWr4xCCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4a5b318e39599f0f9cc0276ea20b28b06f224d5d850ee079d61fee168e32a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:21:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:28:46 GMT
server
sffe
age
188162
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19152
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:21:11 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ 		65 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1605597584352
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
202170
cf-request-id
0682c022fd0000beba7427c000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5f4b02e4cd62beba-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 19 Nov 2021 15:37:13 GMT
mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 13:01:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:24 GMT
server
sffe
age
182162
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3628
x-xss-protection
0
expires
Wed, 17 Nov 2021 13:01:11 GMT
mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:32:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:37 GMT
server
sffe
age
187503
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3768
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:32:10 GMT
KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 19:59:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
329834
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3352
x-xss-protection
0
expires
Mon, 15 Nov 2021 19:59:59 GMT
BngMUXZYTXPIvIBgJJSb6ufC5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufC5qWr4xCCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08eec2be8e1595c7c7610a3c9eb386b720c358bf29e5562138243ef74026757f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 11:40:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:09:14 GMT
server
sffe
age
187007
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8484
x-xss-protection
0
expires
Wed, 17 Nov 2021 11:40:26 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
360998
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Mon, 15 Nov 2021 11:20:35 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:34:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
543769
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
expires
Sat, 13 Nov 2021 08:34:24 GMT
vqv3offs20200519072511.jpg
w.ladicdn.com/s750x950/57b167c9ca57d39c18a1c57c/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s750x950/57b167c9ca57d39c18a1c57c/vqv3offs20200519072511.jpg
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cfaf93736e52b757c015538d93925f2a459a89133e8e831ae0a47c9dc6470ab

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5f4b02e56dc8beba-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
0682c023610000beba74283000000001
expires
Fri, 19 Nov 2021 15:37:14 GMT
background-ladipage-20201116105845.jpg
w.ladicdn.com/s1440x670/5ea2a234965dbc32b290c8a0/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1440x670/5ea2a234965dbc32b290c8a0/background-ladipage-20201116105845.jpg
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2c56f19a812deb0dc2e1c8bbab98b7e7c4d69b387667dfa2dd05c3a0672149c

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:15 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5f4b02e56dcabeba-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
0682c023610000beba558be000000001
expires
Fri, 19 Nov 2021 15:37:15 GMT
code.php
uhchat.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/code.php?f=5fe5c0
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:2a05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f92451440583a246275c413db511a1d1a73d186702127e89f5a74babfa27d15

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
0682c023830000dfcb139e6000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Thu, 19 Nov 2020 15:37:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3NCpr3gXMcSGmI4yar2WcbIP1cT7HuZgOXfygk8Bqk9CA6szBKoUxv23M0MrcuOtMleoEtJ%2B8QToWelwxwCVl%2B3rTQ9bEO6LhRRsSQM7roQCnmthtNyG"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
5f4b02e59902dfcb-FRA
counter.js
www.statcounter.com/counter/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b40948b9bf8ba49be3961b8fbc2e96a1d31952970749631e47966e1df74c71

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 09:14:05 GMT
server
cloudflare
age
22381
etag
W/"5fa9085d-9109"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
5f4b02e5ce1f0b57-AMS
cf-request-id
0682c0239d00000b57d637a000000001
expires
Thu, 19 Nov 2020 21:24:12 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-489358626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11761
x-xss-protection
0
server
cafe
etag
8854462785499610041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Nov 2020 15:37:13 GMT
event
a.ladipage.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
52.77.97.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-97-70.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
https://hocgooglenangcao.globaljsc.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
0
vary
Accept-Encoding
content-encoding
gzip
KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 20:29:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
500878
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3384
x-xss-protection
0
expires
Sat, 13 Nov 2021 20:29:15 GMT
event
a.ladipage.com/ 		34 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1605597584352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.97.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-97-70.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
1f03b8fd-03e9-4db8-6206-2d61b696d5cd
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://hocgooglenangcao.globaljsc.com/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/489358626/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/489358626/?random=1605800233977&cv=9&fst=1605800233977&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c5425b1921c0d1d233bee0b283b56caf33134367678b7e012d3d26f40cf6578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/489358626/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/489358626/?random=1605800234109&cv=9&fst=1605800234109&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3DScrollDepth_25_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dhocgooglenangcao.globaljsc.com%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caba29787b01be528e16fb456cd7d44958a9cc0385fae39d6792684034514ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1123
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/489358626/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/489358626/?random=1605800233977&cv=9&fst=1605798000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&async=1&fmt=3&is_vtc=1&random=3073597148&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/489358626/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/489358626/?random=1605800233977&cv=9&fst=1605798000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&async=1&fmt=3&is_vtc=1&random=3073597148&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/489358626/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/489358626/?random=1605800234109&cv=9&fst=1605798000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3DScrollDepth_25_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dhocgooglenangcao.globaljsc.com%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&async=1&fmt=3&is_vtc=1&random=2227619056&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/489358626/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/489358626/?random=1605800234109&cv=9&fst=1605798000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3DScrollDepth_25_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dhocgooglenangcao.globaljsc.com%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&async=1&fmt=3&is_vtc=1&random=2227619056&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
uhchat.net/chat/ Frame FB11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uhchat.net/chat/?f=5fe5c0&title=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&parent=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&ref=
Requested by
Host: uhchat.net
URL: https://uhchat.net/code.php?f=5fe5c0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:2a05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
uhchat.net
:scheme
https
:path
/chat/?f=5fe5c0&title=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&parent=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hocgooglenangcao.globaljsc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=54bbc30ac12f4ea355892716775f4406371c9f12-1605800234-1800-AY+K4qkfRgUvrY9wTILPg3u7GdE58LJHRB0H+rf1IgdwFNfILP+yxF8lyRZap3KvqOkhbQT4NMejyt58o8uuGHc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hocgooglenangcao.globaljsc.com/

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
content-type
text/html
set-cookie
__cfduid=d3f2326f3f89d1667e2606db03c86caee1605800234; expires=Sat, 19-Dec-20 15:37:14 GMT; path=/; domain=.uhchat.net; HttpOnly; SameSite=Lax thoigianvao5fe5c0=1605800234; expires=Fri, 20-Nov-2020 15:37:14 GMT; path=/chat; SameSite=None; Secure chattudong5fe5c0=1605800234; expires=Thu, 19-Nov-2020 16:37:14 GMT; path=/chat; SameSite=None; Secure
expires
Sat, 01 Jan 2005 00:00:00 GMT
last-modified
Thu, 19 Nov 2020 15:37:14GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0682c025610000dfcb4513b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FbVvXj5%2BPw4dIRKj9lUBxsXR4MBIW4B4sbkTuugBAr%2FwgeJ7%2F%2FiW7FSPOEb%2Bl4FrGxdKt6bhhB9oZcMTJTWfWL3EarGbIWBI0bWZOUYDLSLqxm7%2FSu2n"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f4b02e89f70dfcb-FRA
content-encoding
br
default
embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/ 		507 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459449594527f609751f9bd3e1cbff6d9a549b6b8d8b17b60a8f6597d497005a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
etag
W/"fulls6950"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
5f4b02e8bb00178e-FRA
cf-request-id
0682c0256f0000178eb211d000000001
chat-11.png
uhchat.net/themes/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uhchat.net/themes/chat-11.png
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:2a05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1420706
content-length
7784
cf-request-id
0682c025610000dfcbf910d000000001
last-modified
Mon, 18 Jul 2016 03:54:30 GMT
server
cloudflare
etag
"578c52f6-1e68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IrJ8ysOW1%2FpmFUmkRNqq3P4y4Mv6ZjI0mLyygjGilsxuuKX1dJzU90CFD2hCA4C7ni2r8dYQpXHty%2FwaZ96AQJb8zSsBAucxJDlA1k7LiZgidIUYbXib"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5f4b02e89f76dfcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
t.php
c.statcounter.com/ 		162 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12432065&java=1&security=a1be085b&u1=C292C4CB17C04F250E18A78B45CB4A86&sc_rum_f_s=0&sc_rum_f_e=1104&sc_rum_e_s=1527&sc_rum_e_e=1532&sc_random=0.7771830138870179&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//hocgooglenangcao.globaljsc.com/&t=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&rcat=d&rdom=d&rdomg=new&bb=1&sc_snum=1&sess=6ea6fa&p=0&invisible=1&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
5f4b02e8bd1c0b57-AMS
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
access-control-allow-credentials
true
content-type
application/json
cf-request-id
0682c0256e00000b5729280000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame AE66 		7 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 14:49:22 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 19 Nov 2020 15:37:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 19 Nov 2020 15:37:15 GMT
css
fonts.googleapis.com/ Frame FAA4 		7 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 14:48:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 19 Nov 2020 15:37:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 19 Nov 2020 15:37:15 GMT
css
fonts.googleapis.com/ Frame 7225 		7 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 14:52:18 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 19 Nov 2020 15:37:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 19 Nov 2020 15:37:15 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 7225 		192 B
275 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1884227
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19174-FRA, cache-hhn4052-HHN
date
Thu, 19 Nov 2020 15:37:15 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 7225 		295 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1427655
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19168-FRA, cache-hhn4052-HHN
date
Thu, 19 Nov 2020 15:37:15 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
168-r-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame 0397 		22 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-v.tawk.to/a-v3/images/bubbles/168-r-br.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6f118535c5bbca36246754dacad64fdbd01a7ce156f43a5438c63227cc1a32
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1419680
vary
Accept-Encoding
cf-request-id
0682c02a460000c2b8c132f000000001
pragma
public
last-modified
Mon, 15 Jul 2019 17:38:55 GMT
server
cloudflare
etag
W/"5d2cba2f-57ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
5f4b02f0780ec2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
1605800235581
va.tawk.to/register/ 		689 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1605800235581
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107bca31f346689acb2f5ec88e99c230ecac13501c6a430790c8c70f556c861d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 19 Nov 2020 15:37:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
vary
Accept-Encoding
cf-request-id
0682c02a4f000005f175271000000001
x-served-by
visitor-application-preemptive-b4mz
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5f4b02f07d3b05f1-FRA
access-control-allow-headers
origin, content-type
/
vsa79.tawk.to/s/ 		101 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa79.tawk.to/s/?k=5fb6912b93e25d6f7cb3d9d4&u=xm2IosT0T0PTHhLiStNSSkrx%2BzRAk6IrVYPNEKTGgoiDLXlxmFmRAsqp%2FXjnNVi0&uv=2&a=5fb5f08fa1d54c18d8eb18d1&cver=0&pop=false&jv=695&asver=34&ust=false&EIO=3&transport=polling&__t=NNX9nFt
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c2156c7adfab65137b38ea2ffc6ab489106dfd7ec99f3b852271546ce71aee
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
access-control-allow-credentials
true
cf-ray
5f4b02f33e5cc2b8-FRA
content-length
101
cf-request-id
0682c02c030000c2b83086a000000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 7225 		413 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
1884227
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19127-FRA, cache-hhn4052-HHN
date
Thu, 19 Nov 2020 15:37:16 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
vsa79.tawk.to/s/ 		77 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa79.tawk.to/s/?k=5fb6912b93e25d6f7cb3d9d4&u=xm2IosT0T0PTHhLiStNSSkrx%2BzRAk6IrVYPNEKTGgoiDLXlxmFmRAsqp%2FXjnNVi0&uv=2&a=5fb5f08fa1d54c18d8eb18d1&cver=0&pop=false&jv=695&asver=34&ust=false&EIO=3&transport=polling&__t=NNX9nJc.0&sid=y7uS-xEAnkXivkaKLzbe
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb17977c56825863324ae09a3ae5eeccc1a2522ef65ae002f4ea5e123609078f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
access-control-allow-credentials
true
cf-ray
5f4b02f4a9c8c2b8-FRA
content-length
77
cf-request-id
0682c02cf00000c2b8a8ad6000000001
v3
va.tawk.to/log-performance/ 		5 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 19 Nov 2020 15:37:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
vary
Accept-Encoding
cf-request-id
0682c02d9e000005f11fb49000000001
x-served-by
visitor-application-preemptive-rgl2
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
access-control-allow-credentials
true
cf-ray
5f4b02f5cd3705f1-FRA
access-control-allow-headers
origin, content-type
/
vsa79.tawk.to/s/ 		455 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa79.tawk.to/s/?k=5fb6912b93e25d6f7cb3d9d4&u=xm2IosT0T0PTHhLiStNSSkrx%2BzRAk6IrVYPNEKTGgoiDLXlxmFmRAsqp%2FXjnNVi0&uv=2&a=5fb5f08fa1d54c18d8eb18d1&cver=0&pop=false&jv=695&asver=34&ust=false&EIO=3&transport=polling&__t=NNX9nMS&sid=y7uS-xEAnkXivkaKLzbe
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02603d9f9f7c5e5d8b273a238caaee41b2e9a44d604a2bc95fdfe4326ca22b9f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
access-control-allow-credentials
true
cf-ray
5f4b02f5cc91c2b8-FRA
content-length
455
cf-request-id
0682c02d9e0000c2b80e25f000000001
/
vsa79.tawk.to/s/ 		2 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa79.tawk.to/s/?k=5fb6912b93e25d6f7cb3d9d4&u=xm2IosT0T0PTHhLiStNSSkrx%2BzRAk6IrVYPNEKTGgoiDLXlxmFmRAsqp%2FXjnNVi0&uv=2&a=5fb5f08fa1d54c18d8eb18d1&cver=0&pop=false&jv=695&asver=34&ust=false&EIO=3&transport=polling&__t=NNX9nUH&sid=y7uS-xEAnkXivkaKLzbe
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5fb5f08fa1d54c18d8eb18d1/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Nov 2020 15:37:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/html
access-control-allow-origin
https://hocgooglenangcao.globaljsc.com
access-control-allow-credentials
true
cf-ray
5f4b02f8ebc0c2b8-FRA
cf-request-id
0682c02f930000c2b8e134e000000001
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/489358626/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/489358626/?random=1605800243931&cv=9&fst=1605800243931&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3DTimeOnPage_10_seconds%3Bevent_category%3DLadiPageTimeOnPage%3Bevent_label%3Dhocgooglenangcao.globaljsc.com%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b1e22b3cd6c7a41d79643015c5f3445e5accf278a036ad64002ae3444c313c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1126
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/489358626/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/489358626/?random=1605800243931&cv=9&fst=1605798000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3DTimeOnPage_10_seconds%3Bevent_category%3DLadiPageTimeOnPage%3Bevent_label%3Dhocgooglenangcao.globaljsc.com%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&async=1&fmt=3&is_vtc=1&random=2363434761&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/489358626/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/489358626/?random=1605800243931&cv=9&fst=1605798000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3DTimeOnPage_10_seconds%3Bevent_category%3DLadiPageTimeOnPage%3Bevent_label%3Dhocgooglenangcao.globaljsc.com%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fhocgooglenangcao.globaljsc.com%2F&tiba=Kho%C3%A1%20h%E1%BB%8Dc%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20v%E1%BB%81%20Google%20ads%202021&async=1&fmt=3&is_vtc=1&random=2363434761&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Nov 2020 15:37:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg-282977.png
w.ladicdn.com/s850x750/57b167c9ca57d39c18a1c57c/ 		0
0
ea8cadoyU_jkHdalebHv42dlhHCXA3CUHw.woff2
fonts.gstatic.com/s/heptaslab/v8/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heptaslab/v8/ea8cadoyU_jkHdalebHv42dlhHCXA3CUHw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e25706da02fda4091b81eebf592e91a9d164ec78ff1ac86ac461b6c3ad76c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 05:30:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:53:50 GMT
server
sffe
age
36392
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40892
x-xss-protection
0
expires
Fri, 19 Nov 2021 05:30:53 GMT
ea8cadoyU_jkHdalebHv42llhHCXA3A.woff2
fonts.gstatic.com/s/heptaslab/v8/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heptaslab/v8/ea8cadoyU_jkHdalebHv42llhHCXA3A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96f2b271ece0153a95dd68ea4c1c3ae614daf20c7cc8d0a5aae37fbee4e3b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 10:32:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:47:39 GMT
server
sffe
age
191119
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62568
x-xss-protection
0
expires
Wed, 17 Nov 2021 10:32:06 GMT
ladi-icons.svg
w.ladicdn.com/v2/source/ 		800 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/v2/source/ladi-icons.svg
Requested by
Host: hocgooglenangcao.globaljsc.com
URL: https://hocgooglenangcao.globaljsc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4

Request headers

Referer
https://hocgooglenangcao.globaljsc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 15:37:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1429833
cf-request-id
0682c052ae0000beba443e1000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5f4b03311aa5beba-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 19 Nov 2021 15:37:25 GMT
ea8cadoyU_jkHdalebHv42ZlhHCXA3CUHw.woff2
fonts.gstatic.com/s/heptaslab/v8/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heptaslab/v8/ea8cadoyU_jkHdalebHv42ZlhHCXA3CUHw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b915f30efdae7c2e9a9054650fe9819d0870a460ad3cf913a3d48aacd40acfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hocgooglenangcao.globaljsc.com
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Roboto%20Slab:bold,regular|Hepta%20Slab:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 16:12:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 03:08:36 GMT
server
sffe
age
170668
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12024
x-xss-protection
0
expires
Wed, 17 Nov 2021 16:12:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
w.ladicdn.com
URL
https://w.ladicdn.com/s850x750/57b167c9ca57d39c18a1c57c/bg-282977.png

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| ladi_viewport boolean| ladi_is_desktop function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| getuhchatCookie function| setuhchatCookie number| vitridau function| uhchatClick boolean| uhchatduplicate number| sc_project number| sc_invisible string| sc_security number| sc_https object| Tawk_API object| Tawk_LoadStart function| _statcounter string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName

10 Cookies

Domain/Path Name / Value
uhchat.net/chat Name: chattudong5fe5c0
Value: 1605800234
uhchat.net/chat Name: thoigianvao5fe5c0
Value: 1605800234
hocgooglenangcao.globaljsc.com/ Name: TawkConnectionTime
Value: 1605800235580
.uhchat.net/ Name: __cf_bm
Value: 54bbc30ac12f4ea355892716775f4406371c9f12-1605800234-1800-AY+K4qkfRgUvrY9wTILPg3u7GdE58LJHRB0H+rf1IgdwFNfILP+yxF8lyRZap3KvqOkhbQT4NMejyt58o8uuGHc=
.hocgooglenangcao.globaljsc.com/ Name: sc_is_visitor_unique
Value: rx12432065.1605800234.C292C4CB17C04F250E18A78B45CB4A86.1.1.1.1.1.1.1.1.1
hocgooglenangcao.globaljsc.com/ Name: uhchatrelock
Value: 0
hocgooglenangcao.globaljsc.com/ Name: _timenow
Value: 1605800233892
hocgooglenangcao.globaljsc.com/ Name: LADI_PAGE_VIEW
Value: 1
hocgooglenangcao.globaljsc.com/ Name: LADI_FORM_SUBMIT
Value: 0
hocgooglenangcao.globaljsc.com/ Name: LADI_CLIENT_ID
Value: 1f03b8fd-03e9-4db8-6206-2d61b696d5cd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
c.statcounter.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hocgooglenangcao.globaljsc.com
static-v.tawk.to
static.ladipage.net
uhchat.net
va.tawk.to
vsa79.tawk.to
w.ladicdn.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.statcounter.com
w.ladicdn.com
104.22.52.65
13.251.251.159
18.136.79.231
216.58.212.162
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:3033::6812:2a05
2606:4700::6812:c44
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:817::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::2003
2a00:1450:4001:820::200a
2a04:4e42:1b::621
52.77.97.70
02603d9f9f7c5e5d8b273a238caaee41b2e9a44d604a2bc95fdfe4326ca22b9f
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13
08eec2be8e1595c7c7610a3c9eb386b720c358bf29e5562138243ef74026757f
0c65f526695f9ca986adb3d0aa810a601a72944a80a4b936ea2c57e0186e77de
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e
107bca31f346689acb2f5ec88e99c230ecac13501c6a430790c8c70f556c861d
1b915f30efdae7c2e9a9054650fe9819d0870a460ad3cf913a3d48aacd40acfc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
2e25706da02fda4091b81eebf592e91a9d164ec78ff1ac86ac461b6c3ad76c6d
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
459449594527f609751f9bd3e1cbff6d9a549b6b8d8b17b60a8f6597d497005a
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
53c2156c7adfab65137b38ea2ffc6ab489106dfd7ec99f3b852271546ce71aee
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63b40948b9bf8ba49be3961b8fbc2e96a1d31952970749631e47966e1df74c71
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
7c5425b1921c0d1d233bee0b283b56caf33134367678b7e012d3d26f40cf6578
7c6f118535c5bbca36246754dacad64fdbd01a7ce156f43a5438c63227cc1a32
87520ce0a0380147b68df16749a01842e056f1914d5f35fe9e0767c7a203f900
8cfaf93736e52b757c015538d93925f2a459a89133e8e831ae0a47c9dc6470ab
8f92451440583a246275c413db511a1d1a73d186702127e89f5a74babfa27d15
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a9b1e22b3cd6c7a41d79643015c5f3445e5accf278a036ad64002ae3444c313c
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
bab2f92331ff5816ffd7c0ff6c8f85f203960385ecb6eb90cc3306a82af3f923
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
c2454d27adafe5b2e2d50f17466ea8ca384780db7b847eabf71c74bcceedb19a
c2c56f19a812deb0dc2e1c8bbab98b7e7c4d69b387667dfa2dd05c3a0672149c
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
caba29787b01be528e16fb456cd7d44958a9cc0385fae39d6792684034514ce8
cb17977c56825863324ae09a3ae5eeccc1a2522ef65ae002f4ea5e123609078f
cbe2145e01e8a90ca78cc27e75419df9d1bfc8d97d6cee79e15706deb42596fb
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d96f2b271ece0153a95dd68ea4c1c3ae614daf20c7cc8d0a5aae37fbee4e3b45
ea4a5b318e39599f0f9cc0276ea20b28b06f224d5d850ee079d61fee168e32a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b