urlscan.io logo urlscan.io
SecurityTrails logo

www.googledriverkhonggioihan.com Open in urlscan Pro
52.221.6.123  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.googledriverkhonggioihan.com/
Submission Tags: @phishunt_io
Submission: On December 31 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 39 HTTP transactions. The main IP is 52.221.6.123, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.googledriverkhonggioihan.com.
TLS certificate: Issued by R3 on December 30th 2020. Valid for: 3 months.
This is the only time www.googledriverkhonggioihan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.221.6.123 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-6-123.ap-southeast-1.compute.amazonaws.com
www.googledriverkhonggioihan.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:4700::6812:c44 (United States)

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.254.168.41 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-168-41.ap-southeast-1.compute.amazonaws.com
static.ladipage.net
6    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    52.74.211.60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
spreadsheets.google.com
2    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
1    45.122.220.213 (Viet Nam)

ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN)
blog.ladipage.vn
Domain Requested by
15 fonts.gstatic.com fonts.googleapis.com
7 w.ladicdn.com www.googledriverkhonggioihan.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.googledriverkhonggioihan.com
2 lh4.googleusercontent.com www.googledriverkhonggioihan.com
2 a.ladipage.com w.ladicdn.com
2 connect.facebook.net www.googledriverkhonggioihan.com
connect.facebook.net
1 blog.ladipage.vn www.googledriverkhonggioihan.com
1 spreadsheets.google.com w.ladicdn.com
1 www.facebook.com www.googledriverkhonggioihan.com
1 static.ladipage.net 1 redirects
1 www.googletagmanager.com www.googledriverkhonggioihan.com
1 fonts.googleapis.com www.googledriverkhonggioihan.com
1 www.googledriverkhonggioihan.com
39 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
www.googledriverkhonggioihan.com
R3		 2020-12-30 -
2021-03-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
a.ladipage.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
localhost
localhost		 2016-06-18 -
2043-11-03		 27 years crt.sh

This page contains 1 frames:

Primary Page: https://www.googledriverkhonggioihan.com/
Frame ID: A043A778C8161929B7FEE9C104BD65C0
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

39
Requests

97 %
HTTPS

73 %
IPv6

13
Domains

13
Subdomains

15
IPs

5
Countries

1388 kB
Transfer

2112 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.googledriverkhonggioihan.com/ 		162 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.6.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-6-123.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
d4848c5ab805ac72abf9d2d951fd4b686a9521bc5285b31a447cb828e55adac9

Request headers

:method
GET
:authority
www.googledriverkhonggioihan.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
openresty
date
Thu, 31 Dec 2020 03:45:14 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=47ff34be-fae9-46d5-5621-128dedfd3040; Expires=Sun, 29 Dec 2030 03:45:14 GMT LADI_PAGE_VIEW=0; Expires=Sun, 29 Dec 2030 03:45:14 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 29 Dec 2030 03:45:14 GMT LADI_PAGE_VIEW=1; Expires=Sun, 29 Dec 2030 03:45:14 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode
200
content-encoding
gzip
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f42b274abf155e3feb792980f89e960e4f93b6623aef3436579e2d85db52019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Dec 2020 03:45:14 GMT
server
ESF
date
Thu, 31 Dec 2020 03:45:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Dec 2020 03:45:14 GMT
ladipage.min.js
w.ladicdn.com/v2/source/ 		169 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.js?v=1582770283794
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485adeb6c377bbadcac0b703df2d40ec4a893d2142d737c95b069d0d935b72b3

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
24714
cf-request-id
07587f63fa0000175a3519a000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b32b2b175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 31 Dec 2021 03:45:14 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-148856088-2
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53fcba8114efd90156f80b8b96608131acf0eb8ce7cc04b5f08fad0fecccd5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39020
x-xss-protection
0
last-modified
Thu, 31 Dec 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Dec 2020 03:45:14 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
330f013510cb63e5096f8720859694ad2d578d0a62af203e6d6881d1b5e635ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HZMaRIgaSxd0xSnuMxCQ4g==
cross-origin-resource-policy
cross-origin
expires
Thu, 31 Dec 2020 03:54:30 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
y9weoy92XjqUtcu7z+Fc/6/3Def9LxTceXVP/AC2KRHNUdba+xCao+M72m5fK95tIAML7FVQvnromrdQu5l8vA==
x-fb-trip-id
436667874
x-fb-content-md5
6e90200a74f5255a4586ee59d662e39c
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 31 Dec 2020 03:45:14 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"27de8c006038a395be721c06ecc93f77"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
431244
cf-request-id
07587f675f0000175addae7000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b89841175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 31 Dec 2021 03:45:15 GMT

Redirect headers

location
https://w.ladicdn.com:443/source/notify.svg
date
Thu, 31 Dec 2020 03:45:15 GMT
server
awselb/2.0
content-length
134
content-type
text/html
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v21/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 06:00:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:43:58 GMT
server
sffe
age
510263
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26160
x-xss-protection
0
expires
Sat, 25 Dec 2021 06:00:51 GMT
BngMUXZYTXPIvIBgJJSb6ufD5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufD5qWr4xCCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4a5b318e39599f0f9cc0276ea20b28b06f224d5d850ee079d61fee168e32a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 11:00:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:28:46 GMT
server
sffe
age
492266
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19152
x-xss-protection
0
expires
Sat, 25 Dec 2021 11:00:48 GMT
J7aenpF2V0Ery4A5k5Y9xJlCGg.woff2
fonts.gstatic.com/s/k2d/v4/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/k2d/v4/J7aenpF2V0Ery4A5k5Y9xJlCGg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed22eb83dd9f1da5bd30870a6b8f220969abb377f5bd3e48965bb5d290066b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 01:27:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:40:49 GMT
server
sffe
age
526642
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13416
x-xss-protection
0
expires
Sat, 25 Dec 2021 01:27:52 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 05:54:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:33:54 GMT
server
sffe
age
510625
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30940
x-xss-protection
0
expires
Sat, 25 Dec 2021 05:54:49 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 16:31:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
472449
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 25 Dec 2021 16:31:05 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 11:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
490102
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 25 Dec 2021 11:36:52 GMT
6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
fonts.gstatic.com/s/quicksand/v21/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hJVQNYuDyP7bh.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 04:13:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:45:57 GMT
server
sffe
age
516708
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22364
x-xss-protection
0
expires
Sat, 25 Dec 2021 04:13:26 GMT
J7aenpF2V0Ery4A5nZY9xJlCGgAa.woff2
fonts.gstatic.com/s/k2d/v4/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/k2d/v4/J7aenpF2V0Ery4A5nZY9xJlCGgAa.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41a46d1c59f1d14df647ad1c1c5bb5a9f80814cd9463f86db29b06916707165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 01:38:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:41:29 GMT
server
sffe
age
439588
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10656
x-xss-protection
0
expires
Sun, 26 Dec 2021 01:38:47 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 10:44:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:25 GMT
server
sffe
age
234037
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7208
x-xss-protection
0
expires
Tue, 28 Dec 2021 10:44:38 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ 		65 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1582770283794
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
cf-request-id
07587f65790000175a0a254000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b58d23175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 31 Dec 2021 03:45:15 GMT
6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
fonts.gstatic.com/s/quicksand/v21/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hJFQNYuDyP7bh.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd4f181e1f9d2bd79d633aaa7c9960880c555909fff8464c4fb6362361c654ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 22:59:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:08:44 GMT
server
sffe
age
189969
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7148
x-xss-protection
0
expires
Tue, 28 Dec 2021 22:59:06 GMT
BngMUXZYTXPIvIBgJJSb6ufC5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufC5qWr4xCCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08eec2be8e1595c7c7610a3c9eb386b720c358bf29e5562138243ef74026757f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 19:47:44 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:09:14 GMT
server
sffe
age
201451
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8484
x-xss-protection
0
expires
Tue, 28 Dec 2021 19:47:44 GMT
J7aenpF2V0Ery4A5nJY9xJlCGgAa.woff2
fonts.gstatic.com/s/k2d/v4/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/k2d/v4/J7aenpF2V0Ery4A5nJY9xJlCGgAa.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e270b545a7111845a3a8d918ff2efe5a2fd574feae181d76a6cfacb52d04672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 22:45:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:47:03 GMT
server
sffe
age
536415
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4000
x-xss-protection
0
expires
Fri, 24 Dec 2021 22:45:00 GMT
mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Dec 2020 21:09:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:37 GMT
server
sffe
age
542162
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3768
x-xss-protection
0
expires
Fri, 24 Dec 2021 21:09:13 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Dec 2020 09:58:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
236802
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7292
x-xss-protection
0
expires
Tue, 28 Dec 2021 09:58:33 GMT
8-20191216134040.jpg
w.ladicdn.com/s1440x781/591e72e19d9be2016ec579a9/ 		433 KB
433 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1440x781/591e72e19d9be2016ec579a9/8-20191216134040.jpg
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d036e33f36f84e883c6a12bc3b7529fc1cdb35776ce8924d9e08ba6f53f85f4

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b60db0175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
07587f65c40000175a04384000000001
expires
Fri, 31 Dec 2021 03:45:15 GMT
5a64450874df215-20191216134928.png
w.ladicdn.com/s550x550/591e72e19d9be2016ec579a9/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s550x550/591e72e19d9be2016ec579a9/5a64450874df215-20191216134928.png
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
436eea189f9ca573b9238c4f78887b9d6cb6109282eda8f69f0a067502ade266

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b60db2175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
07587f65c20000175a2c160000000001
expires
Fri, 31 Dec 2021 03:45:15 GMT
2020-20191221072147.png
w.ladicdn.com/s650x550/591e72e19d9be2016ec579a9/ 		341 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s650x550/591e72e19d9be2016ec579a9/2020-20191221072147.png
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b067af96b884ecb8d72be60a091ed2c3a2f5e623bc7a1b8d24f1c4c85d72f3ef

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b60db4175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
07587f65c20000175aff333000000001
expires
Fri, 31 Dec 2021 03:45:15 GMT
google-2-20200213024402.jpg
w.ladicdn.com/s600x500/5d81e0b320d6dc5d5c0e5781/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s600x500/5d81e0b320d6dc5d5c0e5781/google-2-20200213024402.jpg
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86955cbac55535682f0cea986279aed0a7b6e7f327557178eabe29fb1a8fee3c

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
60a101b60db5175a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-request-id
07587f65c20000175afaadd000000001
expires
Fri, 31 Dec 2021 03:45:15 GMT
truncated
/ 		603 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db54079d651ca19740d206708f00f7eaf73a8995bff792846712165278799ccb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.js
connect.facebook.net/en_US/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7af66c9ada39bdc5381f34e247f45a5d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56d093902a26b6d8e96b04bf6f20f2d9b313857ceed5359b86d87b0ed2812927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
j6Ldss53Nef7IHyTPYrQog==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60129
x-fb-rlafr
0
x-fb-debug
e/2K0wrSXkr2bBB5qJT/eV9ljchItOut+kN6M7yXjT40Wc7uZrUwIDsg9r5TD7cH7FQ6qWpT1C9hhkUc3aCIgQ==
x-fb-trip-id
436667874
x-fb-content-md5
ebca104af5aecb946bc09226f6522ae5
x-frame-options
DENY
date
Thu, 31 Dec 2020 03:45:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b94f2e02f40cc6bfff2759dd6536e093"
timing-allow-origin
*
expires
Fri, 31 Dec 2021 03:29:11 GMT
mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.googledriverkhonggioihan.com
Referer
https://fonts.googleapis.com/css?family=Quicksand:bold,regular|Roboto%20Slab:bold,regular|Montserrat:bold,regular|K2D:bold,regular|Open%20Sans:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 09:16:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:24 GMT
server
sffe
age
412152
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3628
x-xss-protection
0
expires
Sun, 26 Dec 2021 09:16:03 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148856088-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3308
date
Thu, 31 Dec 2020 02:50:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 31 Dec 2020 04:50:07 GMT
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=820041625115607&ev=fb_page_view&dl=https%3A%2F%2Fwww.googledriverkhonggioihan.com%2F&rl=&if=false&ts=1609386315263&sw=1600&sh=1200&at=
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 31 Dec 2020 03:45:15 GMT
collect
www.google-analytics.com/j/ 		1 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1538966365&t=pageview&_s=1&dl=https%3A%2F%2Fwww.googledriverkhonggioihan.com%2F&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%90%C3%A3i%20Gi%E1%BA%A3m%20Gi%C3%A1%20Google%20Drive%20Unlimited&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2061481512&gjid=948144179&cid=1209696800.1609386315&tid=UA-148856088-2&_gid=1030105671.1609386315&_r=1&gtm=2oubu0&z=1332650696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Dec 2020 03:45:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.googledriverkhonggioihan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
a.ladipage.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
52.74.211.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
https://www.googledriverkhonggioihan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
2592000
vary
Accept-Encoding
content-encoding
gzip
values
spreadsheets.google.com/feeds/list/1x8ygWhgDkvbNApIkFlmq-6DeLuWCzB7_EutjIAy_fPE/1/public/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spreadsheets.google.com/feeds/list/1x8ygWhgDkvbNApIkFlmq-6DeLuWCzB7_EutjIAy_fPE/1/public/values?alt=json
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1582770283794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20e93f57730382e2577caca90a532d4d5384f0f6bc1e947c582c9ec886f08a47
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-oZ5BL9qwbCaCKRYXT/XItA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
last-modified
Thu, 31 Dec 2020 03:45:16 GMT
server
GSE
x-frame-options
SAMEORIGIN
vary
Accept, X-GData-Authorization, GData-Version
gdata-version
1.0
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.googledriverkhonggioihan.com
access-control-expose-headers
Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,Expires,Last-Modified,Server,Transfer-Encoding,Vary
cache-control
private, max-age=0, must-revalidate, no-transform
content-security-policy
base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-oZ5BL9qwbCaCKRYXT/XItA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
x-robots-tag
noindex, nofollow, nosnippet
expires
Thu, 31 Dec 2020 03:45:16 GMT
event
a.ladipage.com/ 		34 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1582770283794
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.211.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-211-60.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
47ff34be-fae9-46d5-5621-128dedfd3040
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://www.googledriverkhonggioihan.com/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1

Response headers

date
Thu, 31 Dec 2020 03:45:16 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1538966365&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.googledriverkhonggioihan.com%2F&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%90%C3%A3i%20Gi%E1%BA%A3m%20Gi%C3%A1%20Google%20Drive%20Unlimited&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageScrollDepth&ea=ScrollDepth_50_percent&el=www.googledriverkhonggioihan.com%2F&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1209696800.1609386315&tid=UA-148856088-2&_gid=1030105671.1609386315&gtm=2oubu0&z=1096866139
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Dec 2020 07:07:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74237
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tet1.png
lh4.googleusercontent.com/-HXBsyeylNsk/XDQOO3VSvjI/AAAAAAAACm0/mN6mv1PCfgc8o3PrRm_kvBWN7KmMjsPqQCLcBGAs/s1600/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/-HXBsyeylNsk/XDQOO3VSvjI/AAAAAAAACm0/mN6mv1PCfgc8o3PrRm_kvBWN7KmMjsPqQCLcBGAs/s1600/tet1.png
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8429ab93ea128b4a71fc8da1260a81420a66bcddfe56a75c198990a06c996468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="tet1.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87501
x-xss-protection
0
server
fife
etag
"va6e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 21 Dec 2020 04:32:20 GMT
tet2.png
lh4.googleusercontent.com/-tlsSRiDAay8/XDQOjlNI5uI/AAAAAAAACm8/66f7Unvw1J039PCBEUX9q-gFOfUw8JoGgCLcBGAs/s1600/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/-tlsSRiDAay8/XDQOjlNI5uI/AAAAAAAACm8/66f7Unvw1J039PCBEUX9q-gFOfUw8JoGgCLcBGAs/s1600/tet2.png
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab5c489d02d1e227188b4bdf8fac81652e1916974051a719e7098e169f1ab938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 03:45:15 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="tet2.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100246
x-xss-protection
0
server
fife
etag
"va70"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 28 Dec 2020 09:29:43 GMT
chuc-tet-to-ny.mp3
blog.ladipage.vn/wp-content/uploads/2019/12/ 		160 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://blog.ladipage.vn/wp-content/uploads/2019/12/chuc-tet-to-ny.mp3
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.122.220.213 , Viet Nam, ASN56150 (VHOST-AS-VN Viet Solutions Services Trading Company Limited, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash

Request headers

Referer
https://www.googledriverkhonggioihan.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 31 Dec 2020 03:43:46 GMT
Last-Modified
Mon, 16 Dec 2019 06:44:03 GMT
Server
Apache/2
ETag
"486791-599cc898b7f01"
Content-Type
audio/mpeg
Content-Range
bytes 0-4745104/4745105
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
4745105
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1538966365&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.googledriverkhonggioihan.com%2F&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%90%C3%A3i%20Gi%E1%BA%A3m%20Gi%C3%A1%20Google%20Drive%20Unlimited&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageTimeOnPage&ea=TimeOnPage_10_seconds&el=www.googledriverkhonggioihan.com%2F&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=1209696800.1609386315&tid=UA-148856088-2&_gid=1030105671.1609386315&gtm=2oubu0&z=187394038
Requested by
Host: www.googledriverkhonggioihan.com
URL: https://www.googledriverkhonggioihan.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Dec 2020 07:07:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74247
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1538966365&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.googledriverkhonggioihan.com%2F&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%90%C3%A3i%20Gi%E1%BA%A3m%20Gi%C3%A1%20Google%20Drive%20Unlimited&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageTimeOnPage&ea=TimeOnPage_30_seconds&el=www.googledriverkhonggioihan.com%2F&_u=KEBAAUABAAAAAC~&jid=1299742484&gjid=644838124&cid=1209696800.1609386315&tid=UA-148856088-2&_gid=1030105671.1609386315&_r=1&gtm=2oubu0&z=1428026736
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.googledriverkhonggioihan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Dec 2020 03:45:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.googledriverkhonggioihan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| ladi_viewport boolean| ladi_is_desktop function| gtag object| dataLayer function| fbAsyncInit object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp function| getCoupon function| NhanCoupon function| DisplayCoupon number| lastScroll

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
blog.ladipage.vn
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
lh4.googleusercontent.com
spreadsheets.google.com
static.ladipage.net
w.ladicdn.com
www.facebook.com
www.google-analytics.com
www.googledriverkhonggioihan.com
www.googletagmanager.com
2606:4700::6812:c44
2a00:1450:4001:801::200e
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
45.122.220.213
52.221.6.123
52.74.211.60
54.254.168.41
08eec2be8e1595c7c7610a3c9eb386b720c358bf29e5562138243ef74026757f
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1e270b545a7111845a3a8d918ff2efe5a2fd574feae181d76a6cfacb52d04672
20e93f57730382e2577caca90a532d4d5384f0f6bc1e947c582c9ec886f08a47
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
330f013510cb63e5096f8720859694ad2d578d0a62af203e6d6881d1b5e635ff
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
3d036e33f36f84e883c6a12bc3b7529fc1cdb35776ce8924d9e08ba6f53f85f4
436eea189f9ca573b9238c4f78887b9d6cb6109282eda8f69f0a067502ade266
463481f89055f6e1601dd7b220a6a67d9af3fb6300372bef408431f7a6070948
485adeb6c377bbadcac0b703df2d40ec4a893d2142d737c95b069d0d935b72b3
53fcba8114efd90156f80b8b96608131acf0eb8ce7cc04b5f08fad0fecccd5cf
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56d093902a26b6d8e96b04bf6f20f2d9b313857ceed5359b86d87b0ed2812927
5f42b274abf155e3feb792980f89e960e4f93b6623aef3436579e2d85db52019
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8429ab93ea128b4a71fc8da1260a81420a66bcddfe56a75c198990a06c996468
86955cbac55535682f0cea986279aed0a7b6e7f327557178eabe29fb1a8fee3c
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ab5c489d02d1e227188b4bdf8fac81652e1916974051a719e7098e169f1ab938
b067af96b884ecb8d72be60a091ed2c3a2f5e623bc7a1b8d24f1c4c85d72f3ef
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
bd4f181e1f9d2bd79d633aaa7c9960880c555909fff8464c4fb6362361c654ab
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
d4848c5ab805ac72abf9d2d951fd4b686a9521bc5285b31a447cb828e55adac9
db54079d651ca19740d206708f00f7eaf73a8995bff792846712165278799ccb
e41a46d1c59f1d14df647ad1c1c5bb5a9f80814cd9463f86db29b06916707165
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea4a5b318e39599f0f9cc0276ea20b28b06f224d5d850ee079d61fee168e32a1
ed22eb83dd9f1da5bd30870a6b8f220969abb377f5bd3e48965bb5d290066b5b