bachtuoc.gaubongonline.vn Open in urlscan Pro
18.142.208.246  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bachtuoc.gaubongonline.vn/	224 KB 38 KB	844ms 260ms	Document text/html	18.142.208.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.142.208.246 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-142-208-246.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash eb328dd1de4a834734385de420546f1918d542ffe15271b2d66dd55e36eb6fa4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 27 Sep 2022 06:23:15 GMT server openresty statuscode 200 vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	20 KB 2 KB	147ms 60ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dca86a402f4e1163d29f3d66b966c641b783715fc8a834d86ee9c8d8d9afa547 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 27 Sep 2022 06:23:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 27 Sep 2022 06:23:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Sep 2022 06:23:15 GMT
GET H2	200	ladipage.min.js Show response w.ladicdn.com/v2/source/	334 KB 83 KB	133ms 22ms	Script text/javascript	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.min.js?v=1600828273560 Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 25070a760f22ddfffaa6c7ad0932133d87c2d40f58279e332568ebbb3c5649bd Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT content-encoding br cdn-edgestorageid 865 perma-cache HIT cdn-storageserver NY-267 cdn-cachedat 09/24/2022 08:14:17 cdn-pullzone 575124 server BunnyCDN-DE-865 last-modified Fri, 09 Sep 2022 20:45:51 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 cdn-fileserver 268 etag W/"631ba5ff-53861" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid 80efb0c4f0fb251970714a8670543a15 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ladi-icons.svg w.ladicdn.com/v2/source/	800 B 1 KB	148ms 58ms	Image image/svg+xml	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/v2/source/ladi-icons.svg Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4 Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT content-encoding br cdn-edgestorageid 864 perma-cache HIT cdn-storageserver NY-267 cdn-cachedat 08/20/2022 03:08:42 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Sat, 15 Jan 2022 06:38:26 GMT cdn-proxyver 1.02 cdn-fileserver 265 etag W/"61e26be2-320" vary Accept-Encoding content-type image/svg+xml cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestid 8b983f2b7b3c37eafbc2454a8f95f14d cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	71ms 20ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 25 Sep 2022 05:29:41 GMT x-content-type-options nosniff age 176014 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 25 Sep 2023 05:29:41 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	107ms 56ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 17:04:23 GMT x-content-type-options nosniff age 47932 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11824 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 17:04:23 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	73ms 25ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 22 Sep 2022 08:01:51 GMT x-content-type-options nosniff age 426084 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Sep 2023 08:01:51 GMT
GET H2	200	If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2 fonts.gstatic.com/s/dancingscript/v24/	41 KB 42 KB	98ms 61ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 07:54:02 GMT x-content-type-options nosniff age 599353 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42404 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:34:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Sep 2023 07:54:02 GMT
GET H2	200	If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2 fonts.gstatic.com/s/dancingscript/v24/	22 KB 22 KB	86ms 49ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1b7889978944d05819617952ff47a24a1cb5afa9d4c076d4109e63b76d06b02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 21 Sep 2022 18:45:05 GMT x-content-type-options nosniff age 473890 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22208 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:28:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Sep 2023 18:45:05 GMT
GET H2	200	buE4poGnedXvwjX7fmQ.woff2 fonts.gstatic.com/s/tinos/v24/	27 KB 28 KB	73ms 39ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX7fmQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 20 Sep 2022 22:20:20 GMT x-content-type-options nosniff age 547375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28080 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:53:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Sep 2023 22:20:20 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 fonts.gstatic.com/s/oswald/v49/	17 KB 18 KB	99ms 69ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 21:06:11 GMT x-content-type-options nosniff age 33424 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17908 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:23:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 21:06:11 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 fonts.gstatic.com/s/oswald/v49/	14 KB 14 KB	88ms 59ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 21:20:36 GMT x-content-type-options nosniff age 32559 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14156 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:38:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 21:20:36 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	95ms 74ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 20:41:06 GMT x-content-type-options nosniff age 34929 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11872 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 20:41:06 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	87ms 79ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 18:50:34 GMT x-content-type-options nosniff age 41561 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 18:50:34 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	31 KB 31 KB	83ms 76ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 19:00:06 GMT x-content-type-options nosniff age 40989 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31320 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:11:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 19:00:06 GMT
GET H2	200	gaubongonline_vn_watermark_horizontal-20200919044201.png w.ladicdn.com/s550x350/5d23fbf3f61f2351bed84e65/	55 KB 56 KB	24ms 22ms	Image image/png	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x350/5d23fbf3f61f2351bed84e65/gaubongonline_vn_watermark_horizontal-20200919044201.png Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 65bf302764b54ad390ca4b8840e353b877ec5df96260c828fced213e5f1e970f Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT cdn-edgestorageid 874 perma-cache HIT cdn-storageserver NY-354 cdn-cachedat 09/27/2022 06:21:54 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 56164 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 18 Jan 2022 17:46:04 GMT cdn-proxyver 1.02 cdn-fileserver 264 etag "61e6fcdc-db64" content-type image/png cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid c2a15e10c9e12473a3a69cedc2a083eb accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	background12143-20200801033953.png w.ladicdn.com/s1440x600/5c7362c6c417ab07e5196b05/	653 KB 655 KB	32ms 30ms	Image image/png	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1440x600/5c7362c6c417ab07e5196b05/background12143-20200801033953.png Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 6219454cc35933b4614fa21bfb08fb54e3677355c25a8f0f426dfc631c695185 Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT cdn-edgestorageid 723 perma-cache HIT cdn-storageserver NY-267 cdn-cachedat 09/27/2022 06:21:54 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 668908 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 25 Jan 2022 08:00:10 GMT cdn-proxyver 1.02 cdn-fileserver 261 etag "61efae0a-a34ec" content-type image/png cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid ee2bdff454974ff25f06f6f6fd883866 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	4-20200921051335.jpg w.ladicdn.com/s550x550/5d23fbf3f61f2351bed84e65/	66 KB 67 KB	44ms 42ms	Image image/jpeg	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x550/5d23fbf3f61f2351bed84e65/4-20200921051335.jpg Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 6b104dbcc7ce216ae08e4812f798cff8fd7f51cec19409e5970b8b38ed67b2cb Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT cdn-edgestorageid 863 perma-cache HIT cdn-storageserver NY-267 cdn-cachedat 09/27/2022 06:21:54 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 67433 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 25 Jan 2022 07:59:36 GMT cdn-proxyver 1.02 cdn-fileserver 217 etag "61efade8-10769" content-type image/jpeg cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid d016b87793ab0aad7312a91193fde6b3 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	5-20200921051349.jpg w.ladicdn.com/s550x550/5d23fbf3f61f2351bed84e65/	71 KB 72 KB	43ms 42ms	Image image/jpeg	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x550/5d23fbf3f61f2351bed84e65/5-20200921051349.jpg Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 6db30d71ca7165c2637419a4a5e6907e76bc2fcf44a4856b7af0606b7f2c4b89 Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT cdn-edgestorageid 865 perma-cache HIT cdn-storageserver NY-354 cdn-cachedat 09/27/2022 06:21:54 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 72868 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 25 Jan 2022 07:59:40 GMT cdn-proxyver 1.02 cdn-fileserver 205 etag "61efadec-11ca4" content-type image/jpeg cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid 9d0eba1e377fa01f27eb81b3ed38147e accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	lat-mat-20200921091743.gif w.ladicdn.com/5d23fbf3f61f2351bed84e65/	91 KB 92 KB	182ms 181ms	Image image/gif	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/5d23fbf3f61f2351bed84e65/lat-mat-20200921091743.gif Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 4e3cfa092227dd6afc436adb10e4304497dde4850c6d59b774bd031f64a0cf99 Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT cdn-edgestorageid 632 perma-cache HIT cdn-storageserver NY-346 cdn-cachedat 09/27/2022 06:23:15 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 93452 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 25 Jan 2022 07:59:37 GMT cdn-proxyver 1.02 cdn-fileserver 217 etag "61efade9-16d0c" content-type image/gif cdn-cache MISS access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid 091b49100739075a0089a30c271a2e08 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	4-20200921051335.jpg w.ladicdn.com/s800x900/5d23fbf3f61f2351bed84e65/	66 KB 67 KB	573ms 571ms	Image image/jpeg	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s800x900/5d23fbf3f61f2351bed84e65/4-20200921051335.jpg Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash 6b104dbcc7ce216ae08e4812f798cff8fd7f51cec19409e5970b8b38ed67b2cb Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:16 GMT cdn-edgestorageid 565 perma-cache HIT cdn-storageserver NY-346 cdn-cachedat 09/27/2022 06:23:16 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 67433 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 25 Jan 2022 09:31:05 GMT cdn-proxyver 1.02 cdn-fileserver 268 etag "61efc359-10769" content-type image/jpeg cdn-cache MISS access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid f1df6090ad3e81b3a7c8de6c57079f50 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	untitled-1-20200921064250.gif w.ladicdn.com/5d23fbf3f61f2351bed84e65/	12 KB 12 KB	43ms 42ms	Image image/gif	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/5d23fbf3f61f2351bed84e65/untitled-1-20200921064250.gif Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash d9ce56534df0b3a49cb7f8d8fecdd05831b90fc1c58462ea6066ba5af2393faa Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT cdn-edgestorageid 752 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 09/27/2022 06:21:54 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 11886 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Tue, 25 Jan 2022 09:31:06 GMT cdn-proxyver 1.02 cdn-fileserver 268 etag "61efc35a-2e6e" content-type image/gif cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid f146c479b33f5dd4c759a4ffbf56e833 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ladipage.min.css w.ladicdn.com/v2/source/	66 KB 9 KB	42ms 42ms	Stylesheet text/css	138.199.37.229 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.min.css?v=1600828273560 Requested by Host: bachtuoc.gaubongonline.vn URL: https://bachtuoc.gaubongonline.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-229.datapacket.com Software BunnyCDN-DE-865 / Resource Hash cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf Request headers accept-language de-DE,de;q=0.9 Referer https://bachtuoc.gaubongonline.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 06:23:15 GMT content-encoding br cdn-edgestorageid 860 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 09/24/2022 08:14:17 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-DE-865 access-control-allow-origin * last-modified Fri, 14 Jan 2022 06:25:15 GMT cdn-proxyver 1.02 cdn-fileserver 262 etag W/"61e1174b-1071b" vary Accept-Encoding, Accept-Encoding content-type text/css cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestid 8c6d41f47d2da0a9b5470697a5d9f3f8 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2 fonts.gstatic.com/s/dancingscript/v24/	7 KB 7 KB	25ms 25ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3bbb408727c2554198f81abd63e4283ebe8e9da39e2541482bab9013e1a3fde1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 27 Sep 2022 02:20:07 GMT x-content-type-options nosniff age 14588 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7408 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:34:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Sep 2023 02:20:07 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	19ms 19ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 13:17:31 GMT x-content-type-options nosniff age 61544 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5548 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 13:17:31 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2 fonts.gstatic.com/s/oswald/v49/	4 KB 5 KB	19ms 19ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 22 Sep 2022 07:52:02 GMT x-content-type-options nosniff age 426673 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4552 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:46:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Sep 2023 07:52:02 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	19ms 18ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 23:10:20 GMT x-content-type-options nosniff age 25975 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5560 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 23:10:20 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	14 KB 14 KB	20ms 20ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Oswald:bold,regular|Dancing%20Script:bold,regular|Tinos:bold,regular|Open%20Sans:bold,regular&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bachtuoc.gaubongonline.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 26 Sep 2022 19:16:40 GMT x-content-type-options nosniff age 39995 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14040 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Sep 2023 19:16:40 GMT
OPTIONS H2	200	event a.ladipage.com/	0 0	799ms 255ms	Preflight application/json	18.142.153.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.142.153.230 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-142-153-230.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Access-Control-Request-Method POST Origin https://bachtuoc.gaubongonline.vn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-allow-methods POST, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Tue, 27 Sep 2022 06:23:16 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	event Show response a.ladipage.com/	106 B 632 B	258ms 258ms	XHR text/plain	18.142.153.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1600828273560 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.142.153.230 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-142-153-230.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers LADI_CLIENT_ID 0d448138-022c-442d-589a-a149b1045d9c LADI_CAMP_ORIGIN_URL LADI_CAMP_ID accept-language de-DE,de;q=0.9 LADI_CAMP_FORM_SUBMIT 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 LADI_FORM_SUBMIT 0 LADI_CAMP_NAME Content-Type application/json Referer https://bachtuoc.gaubongonline.vn/ LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 LADI_PAGE_VIEW 1 LADI_CAMP_TYPE Response headers date Tue, 27 Sep 2022 06:23:16 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| ladi_viewport boolean| ladi_is_desktop function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi function| ladi_fbq object| LadiPageApp

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bachtuoc.gaubongonline.vn/	1970-01-20 15:53:39	Name: LADI_DNS_CHECK Value: "2022-09-27 06:23:15.191813054 +0000 UTC m=+440860.860927166"
			bachtuoc.gaubongonline.vn/	1970-01-20 15:53:39	Name: LADI_CLIENT_ID Value: 0d448138-022c-442d-589a-a149b1045d9c
			bachtuoc.gaubongonline.vn/	1970-01-20 15:53:39	Name: LADI_FORM_SUBMIT Value: 0
			bachtuoc.gaubongonline.vn/	1970-01-20 15:53:39	Name: LADI_PAGE_VIEW Value: 1
			bachtuoc.gaubongonline.vn/	1970-01-20 06:19:06	Name: _timenow Value: 1664259795919

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
bachtuoc.gaubongonline.vn
fonts.googleapis.com
fonts.gstatic.com
w.ladicdn.com
138.199.37.229
18.142.153.230
18.142.208.246
2a00:1450:4001:80e::2003
2a00:1450:400d:804::200a
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
25070a760f22ddfffaa6c7ad0932133d87c2d40f58279e332568ebbb3c5649bd
3bbb408727c2554198f81abd63e4283ebe8e9da39e2541482bab9013e1a3fde1
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac
4e3cfa092227dd6afc436adb10e4304497dde4850c6d59b774bd031f64a0cf99
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
6219454cc35933b4614fa21bfb08fb54e3677355c25a8f0f426dfc631c695185
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4
65bf302764b54ad390ca4b8840e353b877ec5df96260c828fced213e5f1e970f
6b104dbcc7ce216ae08e4812f798cff8fd7f51cec19409e5970b8b38ed67b2cb
6db30d71ca7165c2637419a4a5e6907e76bc2fcf44a4856b7af0606b7f2c4b89
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
d1b7889978944d05819617952ff47a24a1cb5afa9d4c076d4109e63b76d06b02
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d9ce56534df0b3a49cb7f8d8fecdd05831b90fc1c58462ea6066ba5af2393faa
dca86a402f4e1163d29f3d66b966c641b783715fc8a834d86ee9c8d8d9afa547
eb328dd1de4a834734385de420546f1918d542ffe15271b2d66dd55e36eb6fa4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725