urlscan.io logo urlscan.io
SecurityTrails logo

www.thivien.net Open in urlscan Pro
222.252.4.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.thivien.net//
Effective URL: https://www.thivien.net//
Submission: On September 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 44 HTTP transactions. The main IP is 222.252.4.155, located in Hanoi, Viet Nam and belongs to VNPT-AS-VN VNPT Corp, VN. The main domain is www.thivien.net.
TLS certificate: Issued by R11 on August 2nd 2024. Valid for: 3 months.
This is the only time www.thivien.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    222.252.4.155 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt-hanoi.com.vn
www.thivien.net
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700:3034::6815:3ef0 (United States)

ASN13335 (CLOUDFLARENET, US)
ajsc.yodimedia.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a00:1450:400c:c1f::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3037::ac43:8ca0 (United States)

ASN13335 (CLOUDFLARENET, US)
imgs2.yodimedia.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
10 thivien.net
www.thivien.net
148 KB
8 gstatic.com
fonts.gstatic.com
484 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4054
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 688
130 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
222 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
17 KB
3 yodimedia.com
ajsc.yodimedia.com — Cisco Umbrella Rank: 255200
imgs2.yodimedia.com — Cisco Umbrella Rank: 242736
308 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1134
83 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
83 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
6 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10137
63 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 808
29 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
100 KB
44 14
Domain Requested by
10 www.thivien.net www.thivien.net
8 fonts.gstatic.com www.thivien.net
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.thivien.net
pagead2.googlesyndication.com
3 stats.g.doubleclick.net www.thivien.net
www.googletagmanager.com
2 www.facebook.com connect.facebook.net
2 maxcdn.bootstrapcdn.com www.thivien.net
maxcdn.bootstrapcdn.com
2 ajsc.yodimedia.com www.thivien.net
2 connect.facebook.net www.thivien.net
connect.facebook.net
1 lh3.googleusercontent.com www.thivien.net
1 fonts.googleapis.com
1 www.google.de www.thivien.net
1 region1.analytics.google.com www.googletagmanager.com
1 imgs2.yodimedia.com www.thivien.net
1 code.jquery.com www.thivien.net
1 www.googletagmanager.com www.thivien.net
44 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.tumblr.com
hvdic.thivien.net
s.shopee.vn
Subject Issuer Validity Valid
hvdic.thivien.net
R11		 2024-08-02 -
2024-10-31		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-28 -
2024-09-26		 3 months crt.sh
yodimedia.com
WE1		 2024-07-24 -
2024-10-22		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.de
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.thivien.net//
Frame ID: 705AA364B7E41DA159F0116F3E8F26E2
Requests: 43 HTTP requests in this frame

Frame: https://www.facebook.com/v19.0/plugins/like.php?action=like&app_id=456842347781417&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93cb7972de4c1024%26domain%3Dwww.thivien.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thivien.net%252Ff9fd03dcb3ecb0d5a%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthivien.net&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=false&width=440
Frame ID: 819BA3A96CC2AC2B8C227262CD2E8D65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Thi Viện

Page URL History Show full URLs

  1. http://www.thivien.net// HTTP 307
    https://www.thivien.net// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

94 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

1614 kB
Transfer

3480 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.thivien.net// HTTP 307
    https://www.thivien.net// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thivien.net//
Redirect Chain
  • http://www.thivien.net//
  • https://www.thivien.net//
68 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache / PHP/8.1.27
Resource Hash
1d5e7acf92732a6e0101ebec494d2c415433c3537bc61f722564630fbb327e60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
private, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20653
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Sep 2024 09:04:38 GMT
Expires
Thu, 19 Sep 2024 09:04:38 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 19 Sep 2024 09:04:38 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/8.1.27

Redirect headers

Location
https://www.thivien.net//
Non-Authoritative-Reason
HttpsUpgrades
thivien-bootstrap.min.1713626541.css
www.thivien.net/lib/bootstrap/dist/css/ 		134 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
a9ec0ea56681b1ce3bba8f539fef5b6ef132b9c5d366e56e462302b6e7ea3c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
"2163f-61688c54ecec4-gzip"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:40 GMT
Accept-Ranges
bytes
Content-Length
23764
Keep-Alive
timeout=5, max=99
Date
Thu, 19 Sep 2024 09:04:40 GMT
Last-Modified
Sat, 20 Apr 2024 15:22:21 GMT
Content-Type
text/css
Server
Apache
Vary
Accept-Encoding
head.load.min-1.0.3.js
www.thivien.net/lib/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net/lib/head.load.min-1.0.3.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
2241b389694144e159b8bbade5246c605ad9fbbfd3b53235c84682057130ae4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
ETag
"1201-6107c576e08c0"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:40 GMT
Accept-Ranges
bytes
Content-Length
4609
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:04:40 GMT
Last-Modified
Sat, 03 Feb 2024 16:01:29 GMT
Content-Type
text/javascript
Server
Apache
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5466764586357052
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75f26aa8fe7e12a7172c108de8254fbfb4b72c19c4de7929cedc460e89e1f35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-encoding
br
etag
4329690922219631032
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 09:04:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 19 Sep 2024 09:04:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52536
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S77X7GFNH7
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f84564beec4f54cc444a01dcc01eb08bc578d0b322e44a83ba1355ba524b8f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Thu, 19 Sep 2024 09:04:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102409
date
Thu, 19 Sep 2024 09:04:40 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dcdb7f84a3ada5c33b409d6e0d5ada3572e14d214460964c76e33bd334cef64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-md5
400g6MKbzYXWnFTFEfx7Cg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"e6a88f3d082026c6e1622f6be48a3dab"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 09:20:50 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=1200s
date
Thu, 19 Sep 2024 09:04:40 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
4241b7c4fd752cc77a6d0ad6be57bcbd
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=23, mss=1232, tbw=4442, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
5wbrwHDo4RJG/f3PK8Xcuew2sivPazowmEOxwFiGa1uY8q40qsTQgd4vGRUWSdCtZYZeKbwMGpeGKge+NIXTsQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?0
950a4152c2b4aa3ad78bdd6b366cc179.js
ajsc.yodimedia.com/code/9/5/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajsc.yodimedia.com/code/9/5/950a4152c2b4aa3ad78bdd6b366cc179.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ef0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad6439ab1af0563d76dc9533688ad1dfbc55cd322c687289a77aba6b003318d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66abac72-1c9d"
age
3690
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2F1C3a%2BUQDBlS1G3rgzcD6L4Esdk4rMg4%2Beuy1EzpkyDq0haNikSFcnmZ2yoEIIYGbJRzOFoFJPeU7gdOE5agXwOTbREhosvPKSqaAMUcpu0tR%2FS6ryJbGeD%2FvUlw33lJw%2F50BMEPubxJhjvUe%2B7bPo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5868df8dde2bf1-FRA
access-control-allow-origin
*
date
Thu, 19 Sep 2024 09:04:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 01 Aug 2024 15:40:34 GMT
vary
Accept-Encoding
server
cloudflare
158f3069a435b314a80bdcb024f8e422.js
ajsc.yodimedia.com/code/1/5/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajsc.yodimedia.com/code/1/5/158f3069a435b314a80bdcb024f8e422.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3ef0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c03f364ce810ce979193204f3b8650cdc795ff5a52577fac42a89ea9c643ed8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66abb977-128c"
age
3690
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXng3tu0WcSHPaXePEgLtyJY9UE%2BGbg1WfIAGUuz6yj%2F6RA1pKqqnEQMKTZ8VdnmhlrVi%2Bgw9DIIoKfmHB5zG5F4H9s5dk0hmHMYkbB3acsy%2F8UDf5lCVGRqrUeFoGN9OOIpsM2UDAe0xTHsSTs8mnU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5868df8ddc2bf1-FRA
access-control-allow-origin
*
date
Thu, 19 Sep 2024 09:04:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 01 Aug 2024 16:36:07 GMT
vary
Accept-Encoding
server
cloudflare
facebook-logo.png
www.thivien.net/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thivien.net/image/facebook-logo.png
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
dad893597cee2d49406c054380f9c338d1838db41083896ded6ccc6f26d8ef6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
ETag
"2367-6107c576a3705"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:40 GMT
Accept-Ranges
bytes
Content-Length
9063
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:04:40 GMT
Last-Modified
Sat, 03 Feb 2024 16:01:28 GMT
Content-Type
image/png
Server
Apache
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/head.load.min-1.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14e4a"
age
3206896
x-cache
MISS, HIT
date
Thu, 19 Sep 2024 09:04:40 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0, 138016
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21935-LGA, cache-fra-eddf8230125-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1726736681.884327,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29811
server
nginx
thivien-bootstrap-theme.min.1713626541.css
www.thivien.net/lib/bootstrap/dist/css/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap-theme.min.1713626541.css
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/head.load.min-1.0.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
b774f9aed6fedf4b4421dad8f0a3bd6415fd5cb2d31ea925005767a48b33da1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
"4236-61688c54f3d43-gzip"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:40 GMT
Accept-Ranges
bytes
Content-Length
1999
Keep-Alive
timeout=5, max=99
Date
Thu, 19 Sep 2024 09:04:40 GMT
Last-Modified
Sat, 20 Apr 2024 15:22:21 GMT
Content-Type
text/css
Server
Apache
Vary
Accept-Encoding
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/head.load.min-1.0.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"269550530cc127b6aa5a35925a7de6ce"
age
11869417
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 09:04:40 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:28:12
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7a1c9dbc32c16186eedda7c8c11c4540
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8c5868df48d41c01-FRA
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
6010
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 09:24:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17093
date
Thu, 19 Sep 2024 07:24:30 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
bullet_novelty.png
www.thivien.net/image/ 		142 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thivien.net/image/bullet_novelty.png
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
76dfc7a91c655476ad47819d7c2ce497cabf6ab461f7c71f2f2a32afeb02fb06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css

Response headers

Cache-Control
max-age=2592000
ETag
"8e-6107c5769bce5"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:40 GMT
Accept-Ranges
bytes
Content-Length
142
Keep-Alive
timeout=5, max=98
Date
Thu, 19 Sep 2024 09:04:40 GMT
Last-Modified
Sat, 03 Feb 2024 16:01:28 GMT
Content-Type
image/png
Server
Apache
icon_new.gif
www.thivien.net/image/ 		111 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thivien.net/image/icon_new.gif
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
95b336f43efe86a337daa463a0b08d32a90ff906faeb598b9697b3355fe9be1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css

Response headers

Cache-Control
max-age=2592000
ETag
"6f-6107c576a3705"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:40 GMT
Accept-Ranges
bytes
Content-Length
111
Keep-Alive
timeout=5, max=100
Date
Thu, 19 Sep 2024 09:04:40 GMT
Last-Modified
Sat, 03 Feb 2024 16:01:28 GMT
Content-Type
image/gif
Server
Apache
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4OWaA.ttf
fonts.gstatic.com/s/robotoslab/v34/ 		100 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4OWaA.ttf
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc478eaf970e3e9c386238eefeddd5babcdb46ace8beca5848237b1f3eeec59d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
age
156490
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 13:36:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 13:36:31 GMT
last-modified
Tue, 24 Oct 2023 01:47:47 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
60251
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4n.ttf
fonts.gstatic.com/s/opensans/v40/ 		119 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4n.ttf
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da27a0eae69aed206938fe96efb314c945b93ae78132f3523efeabc0fc0d16e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
age
80537
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 10:42:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 10:42:24 GMT
last-modified
Thu, 14 Dec 2023 01:59:56 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
72582
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4n.ttf
fonts.gstatic.com/s/opensans/v40/ 		119 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4n.ttf
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2198095545f17425103f8ec489403081e3b0225bd1abc90574406e88b766c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
age
80644
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 10:40:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 10:40:37 GMT
last-modified
Thu, 14 Dec 2023 02:49:51 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
74878
x-xss-protection
0
server
sffe
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISWaA.ttf
fonts.gstatic.com/s/robotoslab/v34/ 		99 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISWaA.ttf
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/bootstrap/dist/css/thivien-bootstrap.min.1713626541.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02c09ed5af7e053cced948b362c9ad35e9a2a349f9bc39bec1d459397be2da36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
age
90473
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 07:56:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 07:56:48 GMT
last-modified
Tue, 24 Oct 2023 02:10:03 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
57964
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
2001797
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 09:04:40 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/31/2023 19:21:45
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f8c5502d6e17556bb1f5174202902966
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8c5868e02ce1d2a1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
1029
server
cloudflare
cdn-requestcountrycode
US
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5466764586357052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f0c0ae2913324dc791ffd2b062d11153c6643528761132b72c99a1ffc58d938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

content-encoding
br
etag
10751564258738334012
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 09:04:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31618
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 		416 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5466764586357052&plah=www.thivien.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5466764586357052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a7febc59589fcd277cd5e552ce7b497c6eabcae72af7f1695ec3e35b4854f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

content-encoding
br
etag
7896493795919002983
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 09:04:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
142906
x-xss-protection
0
server
cafe
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a4b6486927ad3bb27640fa536f21f25b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83b9fe9d8132f175d3af9102dd7ca6c5fc436f3e689dac0b902878ed617651ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

content-md5
u6dPVkr+iOZVk0YnuddRIA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"907aeb255eec6441c90115273b0c45bd"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 19 Sep 2025 07:33:03 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
80393d2dfaad7e4f96a610083b0ee0bb
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=26, mss=1232, tbw=8346, tp=15, tpl=0, uplat=0, ullat=-1
x-fb-debug
PoypnPiCyKQxx9+H2mODWnhnaY9UxBvVnwJaIWIupbQ0b/GVZcdDat2Li6iHRdBq7xahNl3Wjri3GEvQwYTjbQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
82569
origin-agent-cluster
?0
ERdC15oZI6ufT1zd9mRIXjXsjG2KSDZbfAxF9ADt.jpg
imgs2.yodimedia.com/shopee_img/2024/05/28/ 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs2.yodimedia.com/shopee_img/2024/05/28/ERdC15oZI6ufT1zd9mRIXjXsjG2KSDZbfAxF9ADt.jpg
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8ca0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c881ccadb23cb3396f86229daef50bd08e5b2c9c31260f46397a06593141c01e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66559a50-4b78c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pffq0BAzTP6b16eue5%2FTv5ZdhubXNE9QV1BZjrmJVsQq6NlXkPVT9ZGohL%2BjkyolvukuSnz8KtpS4b3DKHYZi8Nf31iGzFhyBsbhp9JZywjSrUX7ll8Y%2F40qNYfLsJBavP3zIqQVJYKJWik%2BAcrj22ak"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5868e15eb7d369-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
309132
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
image/jpeg
last-modified
Tue, 28 May 2024 08:48:16 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S77X7GFNH7&gtm=45je49h0v872157470za200&_p=1726736680801&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1013205233.1726736681&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726736681&sct=1&seg=0&dl=https%3A%2F%2Fwww.thivien.net%2F%2F&dt=Thi%20Vi%E1%BB%87n&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2998
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S77X7GFNH7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thivien.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S77X7GFNH7&cid=1013205233.1726736681&gtm=45je49h0v872157470za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S77X7GFNH7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thivien.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S77X7GFNH7&cid=1013205233.1726736681&gtm=45je49h0v872157470za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=658020299
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 19 Sep 2024 09:04:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1781632384&utmhn=www.thivien.net&utme=8(Section*LoggedIn*Mobile)9(Home*No*No)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Thi%20Vi%E1%BB%87n&utmhid=1496075583&utmr=-&utmp=%2F%2F&utmht=1726736681198&utmac=UA-31319182-1&utmcc=__utma%3D150790643.1013205233.1726736681.1726736681.1726736681.1%3B%2B__utmz%3D150790643.1726736681.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1936326828&utmredir=3&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Thu, 19 Sep 2024 09:04:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
thivien-bootstrap.min.1707985913.js
www.thivien.net/lib/bootstrap/dist/js/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net/lib/bootstrap/dist/js/thivien-bootstrap.min.1707985913.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/head.load.min-1.0.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
a7c4110155a3f061c37d1468692bb077d10d113009c30fff5da92bf7554c559c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
ETag
"8a08-6116775a71fdf"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:41 GMT
Accept-Ranges
bytes
Content-Length
35336
Keep-Alive
timeout=5, max=99
Date
Thu, 19 Sep 2024 09:04:41 GMT
Last-Modified
Thu, 15 Feb 2024 08:31:53 GMT
Content-Type
text/javascript
Server
Apache
thivien.1725334043.js
www.thivien.net/ 		49 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net/thivien.1725334043.js
Requested by
Host: www.thivien.net
URL: https://www.thivien.net/lib/head.load.min-1.0.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
327c4199b37f76cd7bc8b61629df7e68014dfa8c4872c4265eb44773df1c97eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
ETag
"c538-6212ea2c90796"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:41 GMT
Accept-Ranges
bytes
Content-Length
50488
Keep-Alive
timeout=5, max=97
Date
Thu, 19 Sep 2024 09:04:41 GMT
Last-Modified
Tue, 03 Sep 2024 03:27:23 GMT
Content-Type
text/javascript
Server
Apache
ca-pub-5466764586357052
fundingchoicesmessages.google.com/i/ 		208 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5466764586357052?href=https%3A%2F%2Fwww.thivien.net%2F&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5466764586357052&plah=www.thivien.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37854b14f1812af6270d9baf6289646c34e639918439a0dc1e448b311734ef0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vdcQEzLhVhAHPvvoN0Cm0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtHikmLw1ZBiWMy_i-m80x2m60As8fUlkwYQO6XPYA0C4tab51inAnHSv_OsRUDsrnWR1R-Il0RcZD2UeJHVUOESqyMIF11i9QRi1Z5LrKZAfH_dJdbnQLz34yXWo0BcJHGFtQmIhXg4Vl5av51N4MTGFWsZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLA3N9QxM4wsMAD4LRjI"
content-security-policy
script-src 'report-sample' 'nonce-vdcQEzLhVhAHPvvoN0Cm0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5466764586357052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thivien.net/

Response headers
AGSKWxXbLhkQowPYPb2xHYvm9KrwVdEFPNbkV2mmAxSes6ErTHZEytk9-tywUEYDJ61ttMltt4EAtCVQbGhvNpKsPheZl3bUfOfLS_nQ5Gc8gSAP2H3h_iciLIGJrURud_QZRACm9rxVRw==
fundingchoicesmessages.google.com/f/ 		393 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXbLhkQowPYPb2xHYvm9KrwVdEFPNbkV2mmAxSes6ErTHZEytk9-tywUEYDJ61ttMltt4EAtCVQbGhvNpKsPheZl3bUfOfLS_nQ5Gc8gSAP2H3h_iciLIGJrURud_QZRACm9rxVRw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2NzM2NjgxLDQzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudGhpdmllbi5uZXQvLyIsbnVsbCxbWzgsIjJ4MlFhVDBhWjFFIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2x2QaT0aZ1E.es5.O/am=KBg/d=1/rs=AJlcJMx84eG-DiSPD3WUcGlNy-qvrsmQww/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64c0f682f9c1baa42e423596c2f727a9bea1f56b336acf1d106fe11c9e1135a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XYRi6d_Zv3KvXqEZL_3gGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B-IlERdZDyVeZDVUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQ7_14ifUoEBdJXGFtAmIhHo6Vl9ZvZxPoaN78llFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDS0FzPwDS-wAAAQ_hEmg"
content-security-policy
script-src 'report-sample' 'nonce-XYRi6d_Zv3KvXqEZL_3gGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2x2QaT0aZ1E.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwA8c2z5LShv9GK_G_4d9uWoxJbYQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 09:04:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 19 Sep 2024 09:04:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
36G0Z4jxVOJOmthzHVoHQzEfzAHPVgvicIkrrDXrcXJMUcFrALXLGU7pkrw2stKpjAHUddAJH2izhauLK6HKv4PugxuKPeGQCfeGYHGpvSJnRFpqGqtdxA=h60
lh3.googleusercontent.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/36G0Z4jxVOJOmthzHVoHQzEfzAHPVgvicIkrrDXrcXJMUcFrALXLGU7pkrw2stKpjAHUddAJH2izhauLK6HKv4PugxuKPeGQCfeGYHGpvSJnRFpqGqtdxA=h60
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f8752ca70c4a31428f388b8eb45d338e911bc1431d651bc9401793d16c5077ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
1172
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 08:45:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 08:45:09 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
2156
x-xss-protection
0
server
fife
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

age
385401
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 22:01:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 22:01:20 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

age
162970
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:48:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:48:31 GMT
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35328
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

age
161677
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:10:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 12:10:04 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16552
x-xss-protection
0
server
sffe
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.thivien.net
URL: https://www.thivien.net//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.thivien.net
Referer
https://www.thivien.net/

Response headers

age
160850
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:23:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 12:23:51 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
AGSKWxUYSAVch1b50Pz5to28wHPCAcRrLMjOwm8jONh-UjI0gPYTZKP_-q0iswfga0rfNSDOhaykG3dDNkjPBTvova7Pzo78eaC7OtFQ942nVF8cn9YOW9PswtW0lWjIKBOY6paJirTktw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYSAVch1b50Pz5to28wHPCAcRrLMjOwm8jONh-UjI0gPYTZKP_-q0iswfga0rfNSDOhaykG3dDNkjPBTvova7Pzo78eaC7OtFQ942nVF8cn9YOW9PswtW0lWjIKBOY6paJirTktw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2x2QaT0aZ1E.es5.O/am=KBg/d=1/rs=AJlcJMx84eG-DiSPD3WUcGlNy-qvrsmQww/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tQ3fh6ZfsYVw1VxNIrStxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thivien.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw05BicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDhWXlq_nU1gRseR5UxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0tBcz8AsvsAAAEf4LeM"
content-security-policy
script-src 'report-sample' 'nonce-tQ3fh6ZfsYVw1VxNIrStxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thivien.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUYSAVch1b50Pz5to28wHPCAcRrLMjOwm8jONh-UjI0gPYTZKP_-q0iswfga0rfNSDOhaykG3dDNkjPBTvova7Pzo78eaC7OtFQ942nVF8cn9YOW9PswtW0lWjIKBOY6paJirTktw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYSAVch1b50Pz5to28wHPCAcRrLMjOwm8jONh-UjI0gPYTZKP_-q0iswfga0rfNSDOhaykG3dDNkjPBTvova7Pzo78eaC7OtFQ942nVF8cn9YOW9PswtW0lWjIKBOY6paJirTktw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2x2QaT0aZ1E.es5.O/am=KBg/d=1/rs=AJlcJMx84eG-DiSPD3WUcGlNy-qvrsmQww/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7o5Hr5KApfjCtPrUSb94VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thivien.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDhWXlq_nU1gwelZS5iUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpaG5noFZfIEBAE4MLfs"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7o5Hr5KApfjCtPrUSb94VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thivien.net
content-length
0
x-xss-protection
0
server
ESF
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=456842347781417&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.thivien.net%2F%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a4b6486927ad3bb27640fa536f21f25b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net/

Response headers

access-control-expose-headers
fb-s
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416277575331858904"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 09:04:41 GMT
content-type
text/plain; charset=UTF-8
x-fb-debug
dkzSg/7/D1LVIus5KYa8rLXRIfuSqTVE5+/1wbGL1z1MuBKPueVjznb4Gi9oHuXRkCf19uooCVNS6lNebydREw==
strict-transport-security
max-age=15552000; preload
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416277575331858904", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control
private, no-cache, no-store, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2759, tp=-1, tpl=-1, uplat=31, ullat=0
pragma
no-cache
fb-s
unknown
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
https://www.thivien.net
content-length
0
origin-agent-cluster
?0
like.php
www.facebook.com/v19.0/plugins/ Frame 819B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v19.0/plugins/like.php?action=like&app_id=456842347781417&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93cb7972de4c1024%26domain%3Dwww.thivien.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thivien.net%252Ff9fd03dcb3ecb0d5a%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthivien.net&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=false&width=440
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a4b6486927ad3bb27640fa536f21f25b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thivien.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Thu, 19 Sep 2024 09:04:42 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416277578651027614"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416277578651027614"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2761, tp=-1, tpl=-1, uplat=30, ullat=0
x-fb-debug
QWDaiYMNn4f6KmughF/I7MiPWsQkooGsZBU2vlSU5da6Jl+YGOMgMf6wxrnA+oYwSFvWlGk790c9ObWh1Iusig==
x-xss-protection
0
favicon-32x32.png
www.thivien.net/image/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.thivien.net/image/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.252.4.155 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt-hanoi.com.vn
Software
Apache /
Resource Hash
7ab01828ac9c1d53c2f24047c545b6b9d1e4aee836a9502601d8b7dd077dbaa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.thivien.net//

Response headers

Cache-Control
max-age=2592000
ETag
"80d-6107c576a3705"
Connection
Keep-Alive
Expires
Sat, 19 Oct 2024 09:04:42 GMT
Accept-Ranges
bytes
Content-Length
2061
Keep-Alive
timeout=5, max=98
Date
Thu, 19 Sep 2024 09:04:42 GMT
Last-Modified
Sat, 03 Feb 2024 16:01:28 GMT
Content-Type
image/png
Server
Apache

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| head boolean| _UrlRewrite string| _UrlBase boolean| _FacebookIntegration string| _FacebookAppID number| _VNTypingMode object| adsbygoogle function| gtag object| dataLayer object| _gaq object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager object| FB object| gnshbrequest string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| _gat function| $ function| jQuery function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| __buffer function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| N2E0NWVjZDMzNzgwNDYzZmxvYWRlcl9qcw== string| N2E0NWVjZDMzNzgwNDYzZmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| AVIMGlobalConfig object| AVIMAutoConfig function| AVIM function| AVIMInit function| AVIMAJAXFix function| AddSelectOption function| replaceContent function| RelURL2Abs function| ScrollTo function| OnAnchorScroll function| InitialAnchorScroll function| kajax function| setCookie function| getCookie function| notify function| OpenModifyMemberTitlePopup function| OpenBrowseAvatarGalleryPopup function| OpenUploadAvatarPopup function| ShowHideOnClick number| POPUP_POS_BELOW_LEFT number| POPUP_POS_BELOW_RIGHT object| PopupList number| PopupIndex function| PopupWindowIn function| PopupWindowOut function| PopupInit function| PopupWindowOnPopup function| QSearch_Show function| QS_QuickResult function| QS_SearchResult function| QS_UseGoogle function| QS_OnClose function| ShowLikeInfo function| SendRating function| BoundWithHVDic function| CJKRegexClass function| Chinese2Links function| Chinese2Simplified function| SwitchPoemView function| Navbar_and_Scroll function| Facebook_Init function| UpdateFBShareCount function| ShareOnFacebook function| ShareOnFacebook_Content function| SwitchViewMode function| SetVNTypingMode function| ToggleVNTypingMode number| attachmentKeyInc object| attachmentInfo function| activeSlideAttInfIndex function| activeSlideAttInf function| manageAttachments function| manageAttachments_message function| manageAttachments_add_edit function| manageAttachments_delete function| staticAttachmentCarousel function| setupPlyr object| AVIMObj function| fbAsyncInit

8 Cookies

Domain/Path Name / Value
www.thivien.net/ Name: PHPSESSID
Value: 66j8ilv5vdcovj0ob8483k1f4f
.thivien.net/ Name: _ga_S77X7GFNH7
Value: GS1.1.1726736681.1.0.1726736681.60.0.0
.thivien.net/ Name: _ga
Value: GA1.1.1013205233.1726736681
.thivien.net/ Name: __utma
Value: 150790643.1013205233.1726736681.1726736681.1726736681.1
.thivien.net/ Name: __utmc
Value: 150790643
.thivien.net/ Name: __utmz
Value: 150790643.1726736681.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.thivien.net/ Name: __utmt
Value: 1
.thivien.net/ Name: __utmb
Value: 150790643.1.10.1726736681

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.thivien.net//
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajsc.yodimedia.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
imgs2.yodimedia.com
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googletagmanager.com
www.thivien.net
2001:4860:4802:32::36
222.252.4.155
2606:4700:3034::6815:3ef0
2606:4700:3037::ac43:8ca0
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c1f::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::649
02c09ed5af7e053cced948b362c9ad35e9a2a349f9bc39bec1d459397be2da36
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1d5e7acf92732a6e0101ebec494d2c415433c3537bc61f722564630fbb327e60
2241b389694144e159b8bbade5246c605ad9fbbfd3b53235c84682057130ae4f
2a7febc59589fcd277cd5e552ce7b497c6eabcae72af7f1695ec3e35b4854f79
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
327c4199b37f76cd7bc8b61629df7e68014dfa8c4872c4265eb44773df1c97eb
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
37854b14f1812af6270d9baf6289646c34e639918439a0dc1e448b311734ef0f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5ad6439ab1af0563d76dc9533688ad1dfbc55cd322c687289a77aba6b003318d
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64c0f682f9c1baa42e423596c2f727a9bea1f56b336acf1d106fe11c9e1135a0
6c03f364ce810ce979193204f3b8650cdc795ff5a52577fac42a89ea9c643ed8
75f26aa8fe7e12a7172c108de8254fbfb4b72c19c4de7929cedc460e89e1f35b
76dfc7a91c655476ad47819d7c2ce497cabf6ab461f7c71f2f2a32afeb02fb06
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ab01828ac9c1d53c2f24047c545b6b9d1e4aee836a9502601d8b7dd077dbaa8
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b9fe9d8132f175d3af9102dd7ca6c5fc436f3e689dac0b902878ed617651ab
8f0c0ae2913324dc791ffd2b062d11153c6643528761132b72c99a1ffc58d938
95b336f43efe86a337daa463a0b08d32a90ff906faeb598b9697b3355fe9be1b
a7c4110155a3f061c37d1468692bb077d10d113009c30fff5da92bf7554c559c
a9ec0ea56681b1ce3bba8f539fef5b6ef132b9c5d366e56e462302b6e7ea3c62
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b774f9aed6fedf4b4421dad8f0a3bd6415fd5cb2d31ea925005767a48b33da1c
c881ccadb23cb3396f86229daef50bd08e5b2c9c31260f46397a06593141c01e
cc478eaf970e3e9c386238eefeddd5babcdb46ace8beca5848237b1f3eeec59d
da27a0eae69aed206938fe96efb314c945b93ae78132f3523efeabc0fc0d16e3
dad893597cee2d49406c054380f9c338d1838db41083896ded6ccc6f26d8ef6a
dcdb7f84a3ada5c33b409d6e0d5ada3572e14d214460964c76e33bd334cef64c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2198095545f17425103f8ec489403081e3b0225bd1abc90574406e88b766c5a
f84564beec4f54cc444a01dcc01eb08bc578d0b322e44a83ba1355ba524b8f90
f8752ca70c4a31428f388b8eb45d338e911bc1431d651bc9401793d16c5077ab
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6