urlscan.io logo urlscan.io
SecurityTrails logo

thc-online.com Open in urlscan Pro
96.45.82.110  Public Scan

Go To Rescan Add Verdict Report
URL: http://thc-online.com/
Submission: On March 31 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 55 HTTP transactions. The main IP is 96.45.82.110, located in United States and belongs to TIGGEE, US. The main domain is thc-online.com.
This is the only time thc-online.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    96.45.82.110 (United States)

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com
thc-online.com
1    208.80.120.70 (Ashburn, United States)

ASN16552 (TIGGEE, US)
PTR: systems.tiggee.net
rumjs.rumito.net
27    104.199.115.136 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.115.199.104.bc.googleusercontent.com
www.thcmi.com
thcmi.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.225.110.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-110-192.compute-1.amazonaws.com
ad.ipredictive.com
1    34.197.253.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-253-42.compute-1.amazonaws.com
t.sf14g.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
27 thcmi.com
www.thcmi.com
thcmi.com
982 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5640
1 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 7
1 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
5 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
16 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
115 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
388 B
2 gstatic.com
www.gstatic.com
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
115 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 sf14g.com
t.sf14g.com — Cisco Umbrella Rank: 50637
1 ipredictive.com
ad.ipredictive.com — Cisco Umbrella Rank: 6379
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 280
83 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 694
6 KB
1 rumito.net
rumjs.rumito.net — Cisco Umbrella Rank: 700145
3 KB
1 thc-online.com
thc-online.com
1001 B
55 16
Domain Requested by
26 thcmi.com thc-online.com
thcmi.com
5 www.google.de thcmi.com
4 www.google.com 1 redirects thcmi.com
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
3 www.googleadservices.com 1 redirects www.googletagmanager.com
www.googleadservices.com
3 www.googletagmanager.com thcmi.com
www.googletagmanager.com
2 www.facebook.com thcmi.com
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 connect.facebook.net thcmi.com
connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com
1 t.sf14g.com thcmi.com
1 ad.ipredictive.com thcmi.com
1 ajax.googleapis.com thcmi.com
1 maxcdn.bootstrapcdn.com thcmi.com
1 www.thcmi.com 1 redirects
1 rumjs.rumito.net thc-online.com
1 thc-online.com
55 17

This site contains no links.

Subject Issuer Validity Valid
*.rumito.net
Sectigo RSA Domain Validation Secure Server CA		 2020-02-20 -
2022-05-24		 2 years crt.sh
thcmi.com
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.ipredictive.com
Amazon		 2021-05-13 -
2022-06-11		 a year crt.sh
t.sf14g.com
Go Daddy Secure Certificate Authority - G2		 2021-07-11 -
2022-08-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-08 -
2022-04-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://thc-online.com/
Frame ID: 4CCC36BBBC3C401FE31A439AF0115265
Requests: 2 HTTP requests in this frame

Frame: https://thcmi.com/
Frame ID: 7A9A22808E95EF6077AB189E3453D201
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

95 %
HTTPS

63 %
IPv6

16
Domains

17
Subdomains

16
IPs

2
Countries

1370 kB
Transfer

2512 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.thcmi.com/ HTTP 301
  • https://thcmi.com/
Request Chain 45
  • https://www.googleadservices.com/pagead/conversion/976818556/wcm?cc=ZZ&dn=2485937423&cl=IMH7CPnPzs4BEPyi5NED&ref=http%3A%2F%2Fthc-online.com%2F&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=2485937423&cl=IMH7CPnPzs4BEPyi5NED
Request Chain 46
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UPxFYtn3DsyBb47Eg-gO&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UPxFYtn3DsyBb47Eg-gO&random=139450569&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UPxFYtn3DsyBb47Eg-gO&random=139450569&resp=GooglemKTybQhCsO&ipr=y&prhg=0

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thc-online.com/ 		829 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
http://thc-online.com/
Protocol
HTTP/1.1
Server
96.45.82.110 , United States, ASN16552 (TIGGEE, US),
Reverse DNS
redirection.dnsmadeeasy.com
Software
DNSME HTTP Redirection /
Resource Hash
858efeea7b2512928d58ba400401b6580ba2b89d2e41ff75c11d8a8922ecef49

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
close
Content-Length
829
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 31 Mar 2022 19:09:01 GMT
Server
DNSME HTTP Redirection
56441
rumjs.rumito.net/rumjs/script/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumjs.rumito.net/rumjs/script/56441
Requested by
Host: thc-online.com
URL: http://thc-online.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.80.120.70 Ashburn, United States, ASN16552 (TIGGEE, US),
Reverse DNS
systems.tiggee.net
Software
/
Resource Hash
d8c22c6621adb5693e735359aef4e9f82620ad238dfa90ba31947ce2ef64e2b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://thc-online.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 19:09:02 GMT
Connection
keep-alive
Content-Length
2519
Content-Type
text/javascript
/
thcmi.com/ Frame 7A9A
Redirect Chain
  • https://www.thcmi.com/
  • https://thcmi.com/
44 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/
Requested by
Host: thc-online.com
URL: http://thc-online.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
9c1df91628fc175e771a6912795d63eb8d230ad9ba64d62765bd12cb375fa2a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://thc-online.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 19:09:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://thcmi.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 19:09:02 GMT
expires
Thu, 31 Mar 2022 16:42:50 GMT
location
https://thcmi.com/
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
bootstrap.min.css
thcmi.com/wp-content/themes/thcmi2015-merged/css/ Frame 7A9A 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/css/bootstrap.min.css
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
W/"621f5ee8-1d970"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap-theme.min.css
thcmi.com/wp-content/themes/thcmi2015-merged/css/ Frame 7A9A 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/css/bootstrap-theme.min.css
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
W/"621f5ee8-5b71"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
all.css
thcmi.com/wp-content/themes/thcmi2015-merged/ Frame 7A9A 		103 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/all.css
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
98f8ec00415d8b04f967f791ff9eca72c02466735f80384c3a9b5084a4ed3e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:18 GMT
server
nginx
etag
W/"621f5ee6-19c7c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
thcmi.com/wp-content/themes/thcmi2015-merged/ Frame 7A9A 		103 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9022a1a9927f0a8394e65335cac7cae4f6b02d2c131967e335f15354299dff0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:18 GMT
server
nginx
etag
W/"621f5ee6-19b4c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ Frame 7A9A 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
5656439
cdn-cachedat
2021-04-13 02:48:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3e4766ad0ddfa4bdecb1b0dc22b73ef7
cf-ray
6f4b60925b8f915e-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
style.min.css
thcmi.com/wp-includes/css/dist/block-library/ Frame 7A9A 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 19:42:26 GMT
server
nginx
etag
W/"620ea522-145a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.min.css
thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/ Frame 7A9A 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/font-awesome.min.css?ver=2.0.15
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:22 GMT
server
nginx
etag
W/"621f5eea-7918"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
animate.min.css
thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/ Frame 7A9A 		59 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/animate.min.css?ver=2.0.15
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
65dd6889d365fae9da48f682478473eafbd5b43fad51d047cfd8503517f895ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:22 GMT
server
nginx
etag
W/"621f5eea-ebb9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ea-style.min.css
thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/ Frame 7A9A 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/ea-style.min.css?ver=2.0.15
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5e5aa8eefe233c70ee38c9459efb44e92a5490c10801e3a99d0b8e3eb7aadbe0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:22 GMT
server
nginx
etag
W/"621f5eea-2bdf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ Frame 7A9A 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js?ver=5.9.2
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 05:31:25 GMT
x-content-type-options
nosniff
age
567458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84380
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Mar 2023 05:31:25 GMT
bootstrap.min.js
thcmi.com/wp-content/themes/thcmi2015-merged/js/ Frame 7A9A 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/js/bootstrap.min.js?ver=5.9.2
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
W/"621f5ee8-90b5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.main.js
thcmi.com/wp-content/themes/thcmi2015-merged/js/ Frame 7A9A 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/js/jquery.main.js
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a2f41a1256fc2fe4293d07fd05dff174e1946f7c5138b08d926ebdcc666efdb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:03 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
W/"621f5ee8-bf21"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 7A9A 		103 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-976818556
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ccd4f19febe0a688a85b93292973dd662708cce0ba42f5290a217d782a07806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41395
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 18:22:41 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Mar 2022 19:09:04 GMT
js
www.googletagmanager.com/gtag/ Frame 7A9A 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-44192272-1
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80606184f38258b97c4d20e7cd92f048f71654d26c82f047c65381ffde01574d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37982
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 18:22:41 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Mar 2022 19:09:04 GMT
ph-logo.png
thcmi.com/wp-content/uploads/2021/10/ Frame 7A9A 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/uploads/2021/10/ph-logo.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ca109859a4965cc543f1b0df530615a5d9dff5df1bdf029965489d26fdb708cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:16 GMT
server
nginx
etag
"621f5ee4-b6e3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
46819
img-webmd-banner.jpg
thcmi.com/wp-content/themes/thcmi2015-merged/images/ Frame 7A9A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/images/img-webmd-banner.jpg
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0345cc5982611defe2b9a3beacd50e2691e92053cdf984a02a4a45039d001ea4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
"621f5ee8-347a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13434
new-ncqa-logo.png
thcmi.com/wp-content/uploads/2016/12/ Frame 7A9A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/uploads/2016/12/new-ncqa-logo.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a25fb202ccf059c534dbc9fad1d826f0e9f4c5afd4aa6ee586661ca497fe18b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:17 GMT
server
nginx
etag
"621f5ee5-5ec1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
24257
img-modal-plus.png
thcmi.com/wp-content/uploads/2015/11/ Frame 7A9A 		365 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/uploads/2015/11/img-modal-plus.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
72576d0501533517f8cfe0b29b753d135b5dcb105d452eceab68ca6379331106

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:17 GMT
server
nginx
etag
"621f5ee5-16d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
365
icon-small-biz.png
thcmi.com/wp-content/uploads/2015/11/ Frame 7A9A 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/uploads/2015/11/icon-small-biz.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd8e330a7dcc1d5b48ad47def62c802c4e76fe47703c3bebbb74ceddac9e3cf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:17 GMT
server
nginx
etag
"621f5ee5-117b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4475
icon-big-biz.png
thcmi.com/wp-content/uploads/2015/11/ Frame 7A9A 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/uploads/2015/11/icon-big-biz.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
497b601b49a74cc384fabf08bc567866368cf6503c9ee3e4c66765779ba52d05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:17 GMT
server
nginx
etag
"621f5ee5-11fb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4603
img-modal-heart.png
thcmi.com/wp-content/uploads/2015/11/ Frame 7A9A 		815 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/uploads/2015/11/img-modal-heart.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e81734a154b3f9e0546a090f892f0805ae30396d31fab855ce7e51fb800f83c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:17 GMT
server
nginx
etag
"621f5ee5-32f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
815
pixel
ad.ipredictive.com/d/rt/ Frame 7A9A 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=46457&uuid=82ff9f45-ae16-4eff-af56-209d7c9def89&rr=CACHE_BUSTER
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.110.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-110-192.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 19:09:03 GMT
Connection
keep-alive
Content-Length
631
X-CI-RTID
0811f199-b126-11ec-9615-97430edab4ed
Content-Type
image/jpeg
main.js
thcmi.com/wp-content/themes/thcmi2015-merged/js/ Frame 7A9A 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/js/main.js?cb=33&ver=1
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a0c149402673dc86ff5f7a8e4ed5fcc08bf78df7e01218025bbdb03e6258e517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
W/"621f5ee8-4fac"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-emoji-release.min.js
thcmi.com/wp-includes/js/ Frame 7A9A 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sf14g.js
t.sf14g.com/ Frame 7A9A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sf14g.com/sf14g.js
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.253.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-253-42.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
fbevents.js
connect.facebook.net/en_US/ Frame 7A9A 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
o0Md1bvGxfBSxVnW3l5h3fzwa+lhPKkRE1bK5LXW3UM5XMinn5VicNbTwMt1hBe9lwvln5ktOpZ7a8y+KE9nrg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 31 Mar 2022 19:09:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
thc_background.jpg
thcmi.com/wp-content/themes/thcmi2015-merged/images/ Frame 7A9A 		676 KB
677 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/images/thc_background.jpg
Requested by
Host: thcmi.com
URL: https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
51a695a7dfa3415b42051162c8547c5b376efb7a2486ae4cd0d6999a9ee87e7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
"621f5ee8-a8eb1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
691889
img-logo.png
thcmi.com/wp-content/themes/thcmi2015-merged/images/ Frame 7A9A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/images/img-logo.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
64f1278f549dc1e6366898be158255c70ccb8a17bcdd8b775b765707141df71e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
"621f5ee8-a4b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2635
img-search.png
thcmi.com/wp-content/themes/thcmi2015-merged/images/ Frame 7A9A 		425 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/images/img-search.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7f4490ea95847e043ad17acd097c170057af330135b769ef5e237c6acf68dfaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
"621f5ee8-1a9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
425
bg-diagnal-lines.png
thcmi.com/wp-content/themes/thcmi2015-merged/images/ Frame 7A9A 		116 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/images/bg-diagnal-lines.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f48d5730450fdd9b6c0d9d2522ebdd7ce1318b738c08ac6e831c6d448c684e86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
"621f5ee8-74"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
116
sprite.png
thcmi.com/wp-content/themes/thcmi2015-merged/images/ Frame 7A9A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thcmi.com/wp-content/themes/thcmi2015-merged/images/sprite.png
Requested by
Host: thcmi.com
URL: https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c0374ecb52492ab8603363a3583ffb69f8cd53f0654d04316948bf66484f5819

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/wp-content/themes/thcmi2015-merged/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:20 GMT
server
nginx
etag
"621f5ee8-10a3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4259
fontawesome-webfont.woff2
thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/fonts/ Frame 7A9A 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: thcmi.com
URL: https://thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/font-awesome.min.css?ver=2.0.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.115.136 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
136.115.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://thcmi.com/wp-content/plugins/easy-accordion-pro/public/assets/css/font-awesome.min.css?ver=2.0.15
Origin
https://thcmi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Wed, 02 Mar 2022 12:11:22 GMT
server
nginx
etag
"621f5eea-12d68"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
77160
2703011113315670
connect.facebook.net/signals/config/ Frame 7A9A 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2703011113315670?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7d769cc2e99461469d4d1bbf2819e259694056d9ffbba1ddc8651d2cbf7db39
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
fsNajoqmHCNd4WJ9xDYnavg3KqMJ/SnjOKx7fkKHu7HgHnktRtS2JPv07MenBv3aJshUuZ1WcYDPIUjSr6FBAg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 31 Mar 2022 19:09:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 7A9A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976818556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14883
x-xss-protection
0
server
cafe
etag
14534967036905587165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 19:09:04 GMT
loader.js
www.gstatic.com/wcm/ Frame 7A9A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976818556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 31 Mar 2022 20:03:14 GMT
js
www.googletagmanager.com/gtag/ Frame 7A9A 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-44192272-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976818556
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c86d27630f679bcf9457308ae1ec8379f2bd260712beeef8c5f21e6a7f89cd18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37987
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 18:22:41 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Mar 2022 19:09:04 GMT
analytics.js
www.google-analytics.com/ Frame 7A9A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44192272-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5654
date
Thu, 31 Mar 2022 17:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 31 Mar 2022 19:34:50 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/ Frame 7A9A 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 07:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
560355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Mar 2023 07:29:49 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/ Frame 7A9A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/?random=1648753744183&cv=9&fst=1648753744183&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39aa47d7b63ec8926465b69b607bd4eb9133ce2fc90cf693286ff6f20e4db82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1037
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/976818556/ Frame 7A9A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/976818556/?random=1648753744185&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
902d51323662a9c7c5d9d1e07389e7b82868e3f9d3805c64105906bcec054a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1137
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/ Frame 7A9A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/?random=1648753744201&cv=9&fst=1648753744201&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a476fef3cc488d901bab154aed1dc3a85ce5b71cfd419bcc9ff8294fe6e298ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1036
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/ Frame 7A9A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/?random=1648753744202&cv=9&fst=1648753744202&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72ac652c924fe14d5d978fa6819d72d9712bf702770231c2b6d385bf105aa9c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1034
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 7A9A 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2703011113315670&ev=PageView&dl=https%3A%2F%2Fthcmi.com%2F&rl=http%3A%2F%2Fthc-online.com%2F&if=true&ts=1648753744265&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&it=1648753744052&coo=false&rqm=GET
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 31 Mar 2022 19:09:04 GMT
wcm
www.google.de/pagead/attribution/ Frame 7A9A
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/976818556/wcm?cc=ZZ&dn=2485937423&cl=IMH7CPnPzs4BEPyi5NED&ref=http%3A%2F%2Fthc-online.com%2F&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=2485937423&cl=IMH7CPnPzs4BEPyi5NED
80 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=2485937423&cl=IMH7CPnPzs4BEPyi5NED
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=2485937423&cl=IMH7CPnPzs4BEPyi5NED
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://thcmi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
www.google.de/pagead/1p-conversion/976818556/ Frame 7A9A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.de/pagead/1p-conversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UPxFYtn3DsyBb47Eg-gO&random=139450569&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/976818556/?random=1142616670&cv=9&fst=1648753744185&num=1&label=-ZGLCLK5vs4BEPyi5NED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UPxFYtn3DsyBb47Eg-gO&random=139450569&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976818556/ Frame 7A9A 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976818556/?random=1648753744183&cv=9&fst=1648753200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&async=1&fmt=3&is_vtc=1&random=2793283411&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/976818556/ Frame 7A9A 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/976818556/?random=1648753744183&cv=9&fst=1648753200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&async=1&fmt=3&is_vtc=1&random=2793283411&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976818556/ Frame 7A9A 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976818556/?random=1648753744202&cv=9&fst=1648753200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&async=1&fmt=3&is_vtc=1&random=1531200102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/976818556/ Frame 7A9A 		42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/976818556/?random=1648753744202&cv=9&fst=1648753200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&async=1&fmt=3&is_vtc=1&random=1531200102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976818556/ Frame 7A9A 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976818556/?random=1648753744201&cv=9&fst=1648753200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&async=1&fmt=3&is_vtc=1&random=1994940143&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/976818556/ Frame 7A9A 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/976818556/?random=1648753744201&cv=9&fst=1648753200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fthcmi.com%2F&ref=http%3A%2F%2Fthc-online.com%2F&tiba=Total%20Health%20Care&async=1&fmt=3&is_vtc=1&random=1994940143&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: thcmi.com
URL: https://thcmi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 19:09:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 7A9A 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2703011113315670&ev=Microdata&dl=https%3A%2F%2Fthcmi.com%2F&rl=http%3A%2F%2Fthc-online.com%2F&if=true&ts=1648753745769&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Total%20Health%20Care%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&it=1648753744052&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thcmi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 19:09:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 31 Mar 2022 19:09:05 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ipredictive.com/ Name: cu
Value: 0811f198-b126-11ec-9615-97430edab4ed|1648753744391
.ipredictive.com/ Name: ci_rtc
Value: _uts=1648753744

3 Console Messages

Source Level URL
Text
security warning URL: https://thcmi.com/
Message:
Mixed Content: The page at 'https://thcmi.com/' was loaded over HTTPS, but requested an insecure element 'http://ad.ipredictive.com/d/rt/pixel?rtsite_id=46457&uuid=82ff9f45-ae16-4eff-af56-209d7c9def89&rr=CACHE_BUSTER'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://thcmi.com/(Line 1128)
Message:
Mixed Content: The page at 'https://thcmi.com/' was loaded over HTTPS, but requested an insecure element 'http://ad.ipredictive.com/d/rt/pixel?rtsite_id=46457&uuid=82ff9f45-ae16-4eff-af56-209d7c9def89&rr=CACHE_BUSTER'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://t.sf14g.com/sf14g.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ipredictive.com
ajax.googleapis.com
connect.facebook.net
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
rumjs.rumito.net
t.sf14g.com
thc-online.com
thcmi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.thcmi.com
104.199.115.136
142.250.186.34
208.80.120.70
2606:4700::6812:acf
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.197.253.42
34.225.110.192
96.45.82.110
0345cc5982611defe2b9a3beacd50e2691e92053cdf984a02a4a45039d001ea4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
497b601b49a74cc384fabf08bc567866368cf6503c9ee3e4c66765779ba52d05
51a695a7dfa3415b42051162c8547c5b376efb7a2486ae4cd0d6999a9ee87e7e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5e5aa8eefe233c70ee38c9459efb44e92a5490c10801e3a99d0b8e3eb7aadbe0
64f1278f549dc1e6366898be158255c70ccb8a17bcdd8b775b765707141df71e
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
65dd6889d365fae9da48f682478473eafbd5b43fad51d047cfd8503517f895ac
72576d0501533517f8cfe0b29b753d135b5dcb105d452eceab68ca6379331106
72ac652c924fe14d5d978fa6819d72d9712bf702770231c2b6d385bf105aa9c7
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ccd4f19febe0a688a85b93292973dd662708cce0ba42f5290a217d782a07806
7f4490ea95847e043ad17acd097c170057af330135b769ef5e237c6acf68dfaa
80606184f38258b97c4d20e7cd92f048f71654d26c82f047c65381ffde01574d
858efeea7b2512928d58ba400401b6580ba2b89d2e41ff75c11d8a8922ecef49
9022a1a9927f0a8394e65335cac7cae4f6b02d2c131967e335f15354299dff0a
902d51323662a9c7c5d9d1e07389e7b82868e3f9d3805c64105906bcec054a92
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
98f8ec00415d8b04f967f791ff9eca72c02466735f80384c3a9b5084a4ed3e3f
9c1df91628fc175e771a6912795d63eb8d230ad9ba64d62765bd12cb375fa2a3
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a0c149402673dc86ff5f7a8e4ed5fcc08bf78df7e01218025bbdb03e6258e517
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25fb202ccf059c534dbc9fad1d826f0e9f4c5afd4aa6ee586661ca497fe18b0
a2f41a1256fc2fe4293d07fd05dff174e1946f7c5138b08d926ebdcc666efdb3
a476fef3cc488d901bab154aed1dc3a85ce5b71cfd419bcc9ff8294fe6e298ac
a7d769cc2e99461469d4d1bbf2819e259694056d9ffbba1ddc8651d2cbf7db39
c0374ecb52492ab8603363a3583ffb69f8cd53f0654d04316948bf66484f5819
c39aa47d7b63ec8926465b69b607bd4eb9133ce2fc90cf693286ff6f20e4db82
c86d27630f679bcf9457308ae1ec8379f2bd260712beeef8c5f21e6a7f89cd18
ca109859a4965cc543f1b0df530615a5d9dff5df1bdf029965489d26fdb708cd
d8c22c6621adb5693e735359aef4e9f82620ad238dfa90ba31947ce2ef64e2b8
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dd8e330a7dcc1d5b48ad47def62c802c4e76fe47703c3bebbb74ceddac9e3cf4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e81734a154b3f9e0546a090f892f0805ae30396d31fab855ce7e51fb800f83c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48d5730450fdd9b6c0d9d2522ebdd7ce1318b738c08ac6e831c6d448c684e86
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df