urlscan.io logo urlscan.io
SecurityTrails logo

thamtusaodo.we9s.com Open in urlscan Pro
103.56.160.176  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.thamtusaodo.we9s.com/
Effective URL: https://thamtusaodo.we9s.com/
Submission: On May 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 52 HTTP transactions. The main IP is 103.56.160.176, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is thamtusaodo.we9s.com.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time thamtusaodo.we9s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 103.56.160.176 135905 (VNPT-AS-V...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 13 2a02:6b8::1:119 13238 (YANDEX)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
1 149.56.240.132 16276 (OVH)
52 13
19    103.56.160.176 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
www.thamtusaodo.we9s.com
thamtusaodo.we9s.com
3    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
images.dmca.com
8    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::6814:1247 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
13    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
www.google.de
1    149.56.240.132 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534300.ip-149-56-240.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
19 we9s.com
www.thamtusaodo.we9s.com
thamtusaodo.we9s.com
267 KB
10 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9603
4 KB
8 gstatic.com
fonts.gstatic.com
87 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
493 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4550
74 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
95 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 13913
s4.histats.com — Cisco Umbrella Rank: 13947
5 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
257 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
54 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
257 B
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 16972
843 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
0 dichvuthamtu.org Failed
dichvuthamtu.org Failed
52 14
Domain Requested by
18 thamtusaodo.we9s.com thamtusaodo.we9s.com
10 mc.yandex.com 3 redirects thamtusaodo.we9s.com
mc.yandex.ru
8 fonts.gstatic.com fonts.googleapis.com
5 www.googletagmanager.com thamtusaodo.we9s.com
www.googletagmanager.com
3 mc.yandex.ru 1 redirects thamtusaodo.we9s.com
3 use.fontawesome.com thamtusaodo.we9s.com
use.fontawesome.com
1 s4.histats.com s10.histats.com
1 www.google.de thamtusaodo.we9s.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 s10.histats.com thamtusaodo.we9s.com
1 images.dmca.com thamtusaodo.we9s.com
1 fonts.googleapis.com thamtusaodo.we9s.com
1 www.thamtusaodo.we9s.com 1 redirects
0 dichvuthamtu.org Failed thamtusaodo.we9s.com
52 16

This site contains links to these domains. Also see Links.

Domain
dichvuthamtu.org
www.facebook.com
zalo.me
www.dmca.com
we9s.com
www.messenger.com
wa.me
Subject Issuer Validity Valid
thamtusaodo.we9s.com
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
images.dmca.com
R3		 2024-04-20 -
2024-07-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
s10.histats.com
E1		 2024-04-11 -
2024-07-10		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
histats.com
R3		 2024-05-13 -
2024-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://thamtusaodo.we9s.com/
Frame ID: 568C1F6868BB6219432A0FACFD836C89
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Công Ty Dịch Vụ Thám Tử Leader Phan - 20+ Năm Kinh Nghiệm

Page URL History Show full URLs

  1. https://www.thamtusaodo.we9s.com/ HTTP 301
    https://thamtusaodo.we9s.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

52
Requests

94 %
HTTPS

75 %
IPv6

14
Domains

16
Subdomains

13
IPs

6
Countries

1025 kB
Transfer

2656 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.thamtusaodo.we9s.com/ HTTP 301
    https://thamtusaodo.we9s.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10369.68uuLIAF2hYlnRb2TQeXwhmA9k3d4Rug1H6AAClRwBazpAUXmp9OrETri10shD-L.qkUvZ4RkZGngtALxZEUK_yi2Bw4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10369.DdRh8rrOgIaQC2UWgCUoVOu2-cgrGfsZYvCnaPQcnA1yw7rqidNWSwTuCvybCuibMV_YnzZbNwQ6xtDfKJ92fNmc2FHrcT23qP6xNdBLie8y9O3Cn-M7q8IO86xBxINiVZ17CdgX__bfBDxX2eL143h3AWyGs5u_UYyRPCmMW5QlcxIdwalHQh8N65pQKTOY4PcU8j8IL1BZSGglN9C_HCjnAYIv5jd-EwDTGCL_bKw%2C.I0P8OsgkSrs00ysry0_mlg8WVqc%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.F6nWesWC1AajcMzA2-QQBRo9CuLU2vTyAIL5v-xFH4YsJeSp2ZLunVsLNLU30bu2WfGzuX7Bu0108ah7Qv42S0W9vm4WJrNCmMYkA-UIvazuftF_Tcqpt29-_fPNFRmEaEJJ07QmoOLvdqS2AVbSUeecqysQMMAQk1APRwiqYCHXzudB73W8jDBUNYb1_epE893_e5_nsmJJdNYhD6bPZw%2C%2C.4WCF0Yh5RsPlakIiiM89FlKYK7A%2C
Request Chain 57
  • https://mc.yandex.com/watch/95667263?wmode=7&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A237239201059%3Ahid%3A608044448%3Az%3A120%3Ai%3A20240515000541%3Aet%3A1715724342%3Ac%3A1%3Arn%3A209470786%3Arqn%3A1%3Au%3A1715724342943609454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A6355%3Awv%3A2%3Ads%3A0%2C0%2C2609%2C316%2C1769%2C0%2C%2C786%2C1%2C%2C%2C%2C6305%3Aco%3A0%3Acpf%3A1%3Ans%3A1715724334720%3Agi%3AR0ExLjEuMTQwNDM2MzQ5NS4xNzE1NzI0MzQy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715724342%3At%3AC%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/95667263/1?wmode=7&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A237239201059%3Ahid%3A608044448%3Az%3A120%3Ai%3A20240515000541%3Aet%3A1715724342%3Ac%3A1%3Arn%3A209470786%3Arqn%3A1%3Au%3A1715724342943609454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A6355%3Awv%3A2%3Ads%3A0%2C0%2C2609%2C316%2C1769%2C0%2C%2C786%2C1%2C%2C%2C%2C6305%3Aco%3A0%3Acpf%3A1%3Ans%3A1715724334720%3Agi%3AR0ExLjEuMTQwNDM2MzQ5NS4xNzE1NzI0MzQy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715724342%3At%3AC%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thamtusaodo.we9s.com/
Redirect Chain
  • https://www.thamtusaodo.we9s.com/
  • https://thamtusaodo.we9s.com/
109 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 / PHP/7.4.27
Resource Hash
aefe7faeff41ce763eb19cf5c831a5742441a3d6b1594ebb1a61f3dcdc6a3308

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
21165
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 22:05:37 GMT
link
<https://thamtusaodo.we9s.com/wp-json/>; rel="https://api.w.org/", <https://thamtusaodo.we9s.com/wp-json/wp/v2/pages/66>; rel="alternate"; type="application/json", <https://thamtusaodo.we9s.com/>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
Apache/2
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.27

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 May 2024 22:05:35 GMT
location
https://thamtusaodo.we9s.com/
referrer-policy
no-referrer-when-downgrade
server
Apache/2
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.27
x-redirect-by
WordPress
lazyload.min.js
thamtusaodo.we9s.com/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:20 GMT
server
Apache/2
etag
"1883-613bc73edaf00-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2356
expires
Wed, 14 May 2025 22:05:40 GMT
3db3b.css
thamtusaodo.we9s.com/wp-content/cache/minify/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/3db3b.css
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
277657ee46ec1e058eca364fa4c69b20f7d1c29077ffddf47420284dd882cec1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:36 GMT
server
Apache/2
etag
"63c-6186d2a0a2996"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1596
expires
Wed, 14 May 2025 22:05:40 GMT
all.css
use.fontawesome.com/releases/v5.13.0/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"76cb46c10b6c0293433b371bae2414b2"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nL3wBp9QgycCT1KJbY%2FwK7hZg3oKCCCl5zFVxJX7u8vIQgZDJf%2Fvcj9u%2FagvzX29eqBfylPge%2Bx%2BkbvWGZvws3aG7vpU3jo56bML%2BKeLV6EShdQpJbIf9Q8wHO9X5jWBl7LrCpVQuUVahjfagNZDaQTY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
883e30e52a3637ce-FRA
alt-svc
h3=":443"; ma=86400
c0c5e.css
thamtusaodo.we9s.com/wp-content/cache/minify/ 		187 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
72fb8dfa5f5a3e24c42431940443d943e192429803948456f4ff0e54249fcbf2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:35 GMT
server
Apache/2
etag
"89a2-6186d2a06169e"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
35234
expires
Wed, 14 May 2025 22:05:40 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95ce3da2196a2fabf977335a92acb1eb06d8e14f389fc3eecb1b02437f9b2461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 22:05:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 22:05:40 GMT
v4-shims.css
use.fontawesome.com/releases/v5.13.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/v4-shims.css
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fb073a92592d70e5aa6e3cce1cf93a11"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Ovpg5ZHpPHPX1lEsNeZREXSVl1sIg2eCPwZS4Xg7zAJHEKcTqz72h%2BY%2FCneMXS1Cv0Xq153gwdLGwsosMlYAiGLmxhY%2FdxzO9tsaFu5aSdt5hJF89i%2FRwGeDryNclLneUK3hrxYCQq2vH6qQuFULcRq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
883e30e52a3537ce-FRA
alt-svc
h3=":443"; ma=86400
818c0.js
thamtusaodo.we9s.com/wp-content/cache/minify/ 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/818c0.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
fbb5f2ccde427720073f4757673dfc6912f94de36841444083b4da740fef9576

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:36 GMT
server
Apache/2
etag
"861e-6186d2a0bdb2e"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
34334
expires
Wed, 14 May 2025 22:05:40 GMT
js
www.googletagmanager.com/gtag/ 		308 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TVW6QT1P4P
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fd75701df413a7352e6e6504d7f8fce4cf84be3a8fbdfd959f7e3861ae15421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104756
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 22:05:41 GMT
js
www.googletagmanager.com/gtag/ 		301 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K1W4DHWMFL
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d561fd6fa1a7df461754aa62a85fb969740be2b588c6901cf24ff856393e4a24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 22:05:41 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
br
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
12/05/2023 19:29:27
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
ea52af070f308d60c262c5ebd0ac56b4
cdn-requestcountrycode
DE
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
a006d.js
thamtusaodo.we9s.com/wp-content/cache/minify/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/a006d.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
8168c2a965400b51bfc7567d66bb87bbb489ddbd6343c484372250dca8488188

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:36 GMT
server
Apache/2
etag
"f85-6186d2a0d32ee"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3973
expires
Wed, 14 May 2025 22:05:40 GMT
5c721.js
thamtusaodo.we9s.com/wp-content/cache/minify/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/5c721.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
fe63558e8a0aa17c1244153f3a9ee29782d5b796f4225d08d0e2acb6c9976d6d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:35 GMT
server
Apache/2
etag
"12b9-6186d29fdaa5e"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4793
expires
Wed, 14 May 2025 22:05:40 GMT
a80c4.js
thamtusaodo.we9s.com/wp-content/cache/minify/ 		158 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/a80c4.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
47d66016a2c0e332f143203a6d3236ef3be41675d725b0e06bc9f08e0a3d8878

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:35 GMT
server
Apache/2
etag
"b14b-6186d2a03a1b6"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
45387
expires
Wed, 14 May 2025 22:05:40 GMT
1615d.js
thamtusaodo.we9s.com/wp-content/cache/minify/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/cache/minify/1615d.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 May 2024 17:16:37 GMT
server
Apache/2
etag
"934-6186d2a1bec76"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2356
expires
Wed, 14 May 2025 22:05:41 GMT
gtm.js
www.googletagmanager.com/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PTLV3XN
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51bfc5fe59e2243941bf26acd27b83d81af3cdb18fa975b146b767cdff585f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89566
x-xss-protection
0
last-modified
Tue, 14 May 2024 21:16:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 22:05:41 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec7d727d17331b8e64b16a73c9218d154ee70e94f6e9cbb3973cd73a649f7102

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b14896f8706d2b1a227d1f79bce01fed08f600b77409aae1a30ddbafed713f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
641770540c6c20be40da3fef17bcea4e0e23020fe3cb449662b09edaa683cd13

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
line.png
thamtusaodo.we9s.com/wp-content/uploads/2019/08/ 		257 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2019/08/line.png
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
77767652cd5d52dbd8d0364330a8ca38bf6bf32ab608a7d456b77706800b3996

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"101-613bc740c3380"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
257
expires
Wed, 14 May 2025 22:05:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:27:43 GMT
x-content-type-options
nosniff
age
31078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:27:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:30:08 GMT
x-content-type-options
nosniff
age
99333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 May 2025 18:30:08 GMT
fl-icons.woff2
thamtusaodo.we9s.com/wp-content/themes/flatsome/assets/css/icons/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/3db3b.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/wp-content/cache/minify/3db3b.css
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:21 GMT
server
Apache/2
etag
"1988-613bc73fcf140-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6559
expires
Wed, 14 May 2025 22:05:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 00:45:23 GMT
x-content-type-options
nosniff
age
336018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 00:45:23 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b15db15f746f29ffa02638cb455b8ec0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFixroDa4JuDTO6AgvplcX7CqnB27%2Bk7tpfyaY%2Fka8Nur39908RQHpCdugdfDphQ1Nd5EGX%2FTBQkcaxT47Dz9AtFBZcT3UrzgvvTUVIEaJ5uAJ2ZSoZd%2BltPUOpE7DHtJuGfnFTMH0D1wDMDWMQ%2Fsfrf"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
883e30eb885c37ce-FRA
alt-svc
h3=":443"; ma=86400
content-length
79444
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:28:17 GMT
x-content-type-options
nosniff
age
49044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5604
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:28:17 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 17:08:58 GMT
x-content-type-options
nosniff
age
17803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 17:08:58 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 03:29:55 GMT
x-content-type-options
nosniff
age
66946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 03:29:55 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:09:49 GMT
x-content-type-options
nosniff
age
28552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:09:49 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://thamtusaodo.we9s.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:55:27 GMT
x-content-type-options
nosniff
age
29414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5548
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:55:27 GMT
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b050cc15f86060cebcf2c914d7f3ad827985ad32c8964ee5bc29a84bc16a7e5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da82de9c2b790b345dd0956b1ac2eaa6c2ecd14089c2ded711fac2be91a5d02b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
819d7104a4fdf63293e43fd62eadbe7ac4d828a31e5fc29db897d6d8429364c4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cdae31c2279a036d643e8124495c346f2f813401815ecdc7b3d4af8d2b2cb05

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57ac39e91ed9abadc4ef158acd78a5b014989a72aaa7fe5b38b954e1bc214f76

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b39bca2b5b8ca0c0ba70418b7c7dad52a050321bdc94f3327e317c84f37b5533

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-map.png
thamtusaodo.we9s.com/wp-content/uploads/2020/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2020/04/icon-map.png
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
79f69e924fa7fd9cbdefaf712b16935d9c5c0aa46f693b89a0c43fd0291145bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"1402-613bc740c3380"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5122
expires
Wed, 14 May 2025 22:05:41 GMT
icon-zalo-circle2.png.pagespeed.ce_.iUc59tfITH.png
thamtusaodo.we9s.com/wp-content/uploads/2020/04/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2020/04/icon-zalo-circle2.png.pagespeed.ce_.iUc59tfITH.png
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
0356a879adbde1a1e9e9be91cd9fb569f109d675cc63d7ece2f2a0d36875efc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"42dc-613bc740c3380"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
17116
expires
Wed, 14 May 2025 22:05:41 GMT
icon-messenger.png.pagespeed.ce_.sSebhnGGgP.png
thamtusaodo.we9s.com/wp-content/uploads/2020/04/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2020/04/icon-messenger.png.pagespeed.ce_.sSebhnGGgP.png
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
fd83e2080854c15f4e93e4d6c394140dcaa529fc8a20698ac090bd1828ea606c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"439a-613bc740c3380"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
17306
expires
Wed, 14 May 2025 22:05:41 GMT
icon-angle-up.png.pagespeed.ce_.NGU5VowWiC.png
thamtusaodo.we9s.com/wp-content/uploads/2020/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2020/04/icon-angle-up.png.pagespeed.ce_.NGU5VowWiC.png
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
5d119b503955255614f2d16b1f5b1126eabdc7dbe8a36e060b4c55f839576db3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/wp-content/cache/minify/c0c5e.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"3fe9-613bc740c3380"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
16361
expires
Wed, 14 May 2025 22:05:41 GMT
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea782ea6a33449ecbbc0230867cdc5282525fb728760fe3e72a11cd37c3ecc30

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1434ae66bae9a83cdc19b2caa59704dffcbf1162e2992ec482bd01ade873ae1a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
dich-vu-tham-tu-slide-1024x459.webp
thamtusaodo.we9s.com/wp-content/uploads/2023/11/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2023/11/dich-vu-tham-tu-slide-1024x459.webp
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
27c3ea87d041a4436763386da83594d0a2f709f21996e04319d11cedbf6a68e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"abc2-613bc740c3380-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
43998
expires
Wed, 14 May 2025 22:05:41 GMT
dich-vu-tham-tu.webp
thamtusaodo.we9s.com/wp-content/uploads/2023/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2023/11/dich-vu-tham-tu.webp
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
7bcc62d88156c635dabdcc13209482a4754412e7ac75d21b28f90ab1e325e702

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"2826-613bc740c3380-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
10150
expires
Wed, 14 May 2025 22:05:41 GMT
dich-vu-tham-tu-leaderphan-logo.webp
dichvuthamtu.org/wp-content/uploads/2023/11/ 		0
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
5113
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
883e30eeffa34d7f-FRA
content-length
4547
tag.js
mc.yandex.ru/metrika/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:07:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664353eb-11f0d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
73485
expires
Tue, 14 May 2024 23:05:41 GMT
js
www.googletagmanager.com/gtag/ 		308 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TVW6QT1P4P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTLV3XN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de8db3364fc5691843eee342a468f98b93cf7c0a2e7d03601c3df251b7e0de15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104780
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 22:05:41 GMT
js
www.googletagmanager.com/gtag/ 		301 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K1W4DHWMFL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTLV3XN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e40921fcff78f47384173addd3ed1c2cec2e9a8484efc0518095a84f88d7c5cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 22:05:41 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K1W4DHWMFL&gtm=45je45d0v9129551478za200&_p=1715724340884&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1404363495.1715724342&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715724341&sct=1&seg=0&dl=https%3A%2F%2Fthamtusaodo.we9s.com%2F&dt=C%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6880
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1W4DHWMFL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TVW6QT1P4P&gtm=45je45d0v9106827821za200&_p=1715724340884&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1404363495.1715724342&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715724341&sct=1&seg=0&dl=https%3A%2F%2Fthamtusaodo.we9s.com%2F&dt=C%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6924
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TVW6QT1P4P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TVW6QT1P4P&cid=1404363495.1715724342&gtm=45je45d0v9106827821za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TVW6QT1P4P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TVW6QT1P4P&cid=1404363495.1715724342&gtm=45je45d0v9106827821za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=214529584
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.php
s4.histats.com/stats/ 		48 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4794621&@f16&@g1&@h1&@i1&@j1715724341659&@k0&@l1&@mC%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:-143782928&@b3:1715724342&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fthamtusaodo.we9s.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534300.ip-149-56-240.net
Software
/
Resource Hash
acfc1b38221979c890ef1c0ad652af7d576b164ea63e4071a08d962fe8d69ba0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 22:05:50 GMT
Connection
close
Content-Length
48
Content-Type
text/html;charset=UTF-8
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10369.68uuLIAF2hYlnRb2TQeXwhmA9k3d4Rug1H6AAClRwBazpAUXmp9OrETri10shD-L.qkUvZ4RkZGngtALxZEUK_yi2Bw4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10369.DdRh8rrOgIaQC2UWgCUoVOu2-cgrGfsZYvCnaPQcnA1yw7rqidNWSwTuCvybCuibMV_YnzZbNwQ6xtDfKJ92fNmc2FHrcT23qP6xNdBLie8y9O3Cn-M7q8IO86xBxINiVZ17CdgX__...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.F6nWesWC1AajcMzA2-QQBRo9CuLU2vTyAIL5v-xFH4YsJeSp2ZLunVsLNLU30bu2WfGzuX7Bu0108ah7Qv42S0W9vm4WJrNCmMYkA-UIvazuf...
43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.F6nWesWC1AajcMzA2-QQBRo9CuLU2vTyAIL5v-xFH4YsJeSp2ZLunVsLNLU30bu2WfGzuX7Bu0108ah7Qv42S0W9vm4WJrNCmMYkA-UIvazuftF_Tcqpt29-_fPNFRmEaEJJ07QmoOLvdqS2AVbSUeecqysQMMAQk1APRwiqYCHXzudB73W8jDBUNYb1_epE893_e5_nsmJJdNYhD6bPZw%2C%2C.4WCF0Yh5RsPlakIiiM89FlKYK7A%2C
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thamtusaodo.we9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 22:05:42 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.F6nWesWC1AajcMzA2-QQBRo9CuLU2vTyAIL5v-xFH4YsJeSp2ZLunVsLNLU30bu2WfGzuX7Bu0108ah7Qv42S0W9vm4WJrNCmMYkA-UIvazuftF_Tcqpt29-_fPNFRmEaEJJ07QmoOLvdqS2AVbSUeecqysQMMAQk1APRwiqYCHXzudB73W8jDBUNYb1_epE893_e5_nsmJJdNYhD6bPZw%2C%2C.4WCF0Yh5RsPlakIiiM89FlKYK7A%2C
date
Tue, 14 May 2024 22:05:42 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: thamtusaodo.we9s.com
URL: https://thamtusaodo.we9s.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 22:05:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:07:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664353eb-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 14 May 2024 23:05:41 GMT
1
mc.yandex.com/watch/95667263/
Redirect Chain
  • https://mc.yandex.com/watch/95667263?wmode=7&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Ch...
  • https://mc.yandex.com/watch/95667263/1?wmode=7&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22...
447 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/95667263/1?wmode=7&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A237239201059%3Ahid%3A608044448%3Az%3A120%3Ai%3A20240515000541%3Aet%3A1715724342%3Ac%3A1%3Arn%3A209470786%3Arqn%3A1%3Au%3A1715724342943609454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A6355%3Awv%3A2%3Ads%3A0%2C0%2C2609%2C316%2C1769%2C0%2C%2C786%2C1%2C%2C%2C%2C6305%3Aco%3A0%3Acpf%3A1%3Ans%3A1715724334720%3Agi%3AR0ExLjEuMTQwNDM2MzQ5NS4xNzE1NzI0MzQy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715724342%3At%3AC%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ce9ee05cd1f763f328835a70e634e722c24146ff59ca2c58f9b9d537fc03f2c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thamtusaodo.we9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 14-May-2024 22:05:42 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:42 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 22:05:42 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/95667263/1?wmode=7&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A237239201059%3Ahid%3A608044448%3Az%3A120%3Ai%3A20240515000541%3Aet%3A1715724342%3Ac%3A1%3Arn%3A209470786%3Arqn%3A1%3Au%3A1715724342943609454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A6355%3Awv%3A2%3Ads%3A0%2C0%2C2609%2C316%2C1769%2C0%2C%2C786%2C1%2C%2C%2C%2C6305%3Aco%3A0%3Acpf%3A1%3Ans%3A1715724334720%3Agi%3AR0ExLjEuMTQwNDM2MzQ5NS4xNzE1NzI0MzQy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715724342%3At%3AC%C3%B4ng%20Ty%20D%E1%BB%8Bch%20V%E1%BB%A5%20Th%C3%A1m%20T%E1%BB%AD%20Leader%20Phan%20-%2020%2B%20N%C4%83m%20Kinh%20Nghi%E1%BB%87m&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:42 GMT
icon.webp
thamtusaodo.we9s.com/wp-content/uploads/2023/11/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thamtusaodo.we9s.com/wp-content/uploads/2023/11/icon.webp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.56.160.176 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
Apache/2 /
Resource Hash
b0a9eec0f411a4c78cfc7fff475ac2934153cbbe7ac18c3c58d4e01d218c8d1f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 14 May 2024 22:05:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Mar 2024 00:46:22 GMT
server
Apache/2
etag
"7ca-613bc740c3380-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1847
expires
Wed, 14 May 2025 22:05:42 GMT
95667263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/95667263?wv-part=1&wv-type=7&wmode=0&wv-hit=608044448&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&rn=972756688&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715724345%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240515000545%3Au%3A1715724342943609454%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715724345&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:45 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 22:05:45 GMT
content-type
image/gif
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:45 GMT
95667263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/95667263?wv-part=1&wv-type=7&wmode=0&wv-hit=608044448&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&rn=809117410&browser-info=we%3A1%3Aet%3A1715724346%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240515000545%3Au%3A1715724342943609454%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715724346&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:45 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 22:05:45 GMT
content-type
image/gif
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:45 GMT
95667263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/95667263?wv-part=2&wv-type=7&wmode=0&wv-hit=608044448&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&rn=286168644&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715724347%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240515000546%3Au%3A1715724342943609454%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715724347&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:46 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 22:05:46 GMT
content-type
image/gif
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:46 GMT
95667263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/95667263?wv-part=3&wv-type=7&wmode=0&wv-hit=608044448&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&rn=548548100&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715724351%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240515000550%3Au%3A1715724342943609454%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715724351&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:50 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 22:05:50 GMT
content-type
image/gif
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:50 GMT
95667263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/95667263?wv-part=4&wv-type=7&wmode=0&wv-hit=608044448&page-url=https%3A%2F%2Fthamtusaodo.we9s.com%2F&rn=999194330&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715724355%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240515000554%3Au%3A1715724342943609454%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715724355&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://thamtusaodo.we9s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 May 2024 22:05:54 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14-May-2024 22:05:54 GMT
content-type
image/gif
access-control-allow-origin
https://thamtusaodo.we9s.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 14-May-2024 22:05:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dichvuthamtu.org
URL
https://dichvuthamtu.org/wp-content/uploads/2023/11/dich-vu-tham-tu-leaderphan-logo.webp

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| $ function| jQuery object| dataLayer function| gtag object| kk_star_ratings object| swv object| wpcf7 object| flatsomeVars function| StickySidebar function| Waypoint object| Flatsome string| waypointContextKey function| objectFitImages function| cookie number| w3tc_lazyload object| lazyLoadOptions function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| google_tag_manager object| google_tag_data object| _Hasync function| ym function| onYouTubeIframeAPIReady object| gaGlobal function| chfh function| chfh2 string| _HST_cntval object| Histats object| Ya object| yaCounter95667263 object| _HistatsCounterGraphics_0_setValues

34 Cookies

Domain/Path Name / Value
.we9s.com/ Name: _gcl_au
Value: 1.1.2083168613.1715724341
.we9s.com/ Name: _ga_K1W4DHWMFL
Value: GS1.1.1715724341.1.0.1715724341.0.0.0
.we9s.com/ Name: _ga
Value: GA1.1.1404363495.1715724342
.we9s.com/ Name: _ga_TVW6QT1P4P
Value: GS1.1.1715724341.1.0.1715724341.60.0.0
thamtusaodo.we9s.com/ Name: HstCfa4794621
Value: 1715724341659
thamtusaodo.we9s.com/ Name: HstCla4794621
Value: 1715724341659
thamtusaodo.we9s.com/ Name: HstCmu4794621
Value: 1715724341659
thamtusaodo.we9s.com/ Name: HstPn4794621
Value: 1
thamtusaodo.we9s.com/ Name: HstPt4794621
Value: 1
thamtusaodo.we9s.com/ Name: HstCnv4794621
Value: 1
thamtusaodo.we9s.com/ Name: HstCns4794621
Value: 1
.yandex.ru/ Name: yashr
Value: 1585755331715724341
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.we9s.com/ Name: _ym_uid
Value: 1715724342943609454
.we9s.com/ Name: _ym_d
Value: 1715724342
.yandex.com/ Name: i
Value: 2B7NmNDlH999vhh9zN6nU5wCe4ob43I8woP3IoI6XjP1Hx6PuE97eMa2BV7c7Cpzl6cuVM7pHMELf7M7WkHGHPKOfTE=
.yandex.com/ Name: yandexuid
Value: 3213950011715724341
.yandex.com/ Name: yashr
Value: 2734100361715724341
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3536783877fake
.we9s.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1263981061fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 3213950011715724341
.yandex.ru/ Name: yuidss
Value: 3213950011715724341
.yandex.ru/ Name: i
Value: 2B7NmNDlH999vhh9zN6nU5wCe4ob43I8woP3IoI6XjP1Hx6PuE97eMa2BV7c7Cpzl6cuVM7pHMELf7M7WkHGHPKOfTE=
.yandex.ru/ Name: yp
Value: 1715810742.yu.8231877561715724341
.yandex.ru/ Name: ymex
Value: 1718316342.oyu.8231877561715724341
mc.yandex.com/ Name: yabs-sid
Value: 1334256191715724342
.yandex.com/ Name: yuidss
Value: 3213950011715724341
.yandex.com/ Name: ymex
Value: 1747260342.yrts.1715724342
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI0IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI0IhoFIng4NiIiECIxMjQuMC42MzY3LjIwMSIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJcIkNocm9taXVtIjt2PSIxMjQuMC42MzY3LjIwMSIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNC4wLjYzNjcuMjAxIiwiTm90LUEuQnJhbmQiO3Y9Ijk5LjAuMC4wIiI=
.we9s.com/ Name: _ym_visorc
Value: w

106 Console Messages

Source Level URL
Text
other warning URL: https://thamtusaodo.we9s.com/(Line 44)
Message:
Unrecognized feature: 'web-share'.
deprecation warning URL: https://thamtusaodo.we9s.com/wp-content/cache/minify/a80c4.js(Line 54)
Message:
Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser very soon. Usage of this event listener will cause performance issues today, and represents a large risk of future site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
network error URL: https://dichvuthamtu.org/wp-content/uploads/2023/11/dich-vu-tham-tu-leaderphan-logo.webp
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://thamtusaodo.we9s.com/
Message:
The resource https://thamtusaodo.we9s.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thamtusaodo.we9s.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dichvuthamtu.org
fonts.googleapis.com
fonts.gstatic.com
images.dmca.com
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
region1.google-analytics.com
s10.histats.com
s4.histats.com
stats.g.doubleclick.net
thamtusaodo.we9s.com
use.fontawesome.com
www.google.de
www.googletagmanager.com
www.thamtusaodo.we9s.com
dichvuthamtu.org
103.56.160.176
142.250.74.195
149.56.240.132
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2606:4700:10::6814:1247
2606:4700:3037::ac43:8ef5
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c02::9c
2a02:6b8::1:119
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
0356a879adbde1a1e9e9be91cd9fb569f109d675cc63d7ece2f2a0d36875efc4
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0cdae31c2279a036d643e8124495c346f2f813401815ecdc7b3d4af8d2b2cb05
1434ae66bae9a83cdc19b2caa59704dffcbf1162e2992ec482bd01ade873ae1a
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
277657ee46ec1e058eca364fa4c69b20f7d1c29077ffddf47420284dd882cec1
27c3ea87d041a4436763386da83594d0a2f709f21996e04319d11cedbf6a68e8
2b85175c21358b9c4e67033cef7ea98ed3f508ded187fd5a627bf9c77c0f74fb
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
47d66016a2c0e332f143203a6d3236ef3be41675d725b0e06bc9f08e0a3d8878
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4fd75701df413a7352e6e6504d7f8fce4cf84be3a8fbdfd959f7e3861ae15421
51bfc5fe59e2243941bf26acd27b83d81af3cdb18fa975b146b767cdff585f9e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57ac39e91ed9abadc4ef158acd78a5b014989a72aaa7fe5b38b954e1bc214f76
59b14896f8706d2b1a227d1f79bce01fed08f600b77409aae1a30ddbafed713f
5d119b503955255614f2d16b1f5b1126eabdc7dbe8a36e060b4c55f839576db3
641770540c6c20be40da3fef17bcea4e0e23020fe3cb449662b09edaa683cd13
72fb8dfa5f5a3e24c42431940443d943e192429803948456f4ff0e54249fcbf2
77767652cd5d52dbd8d0364330a8ca38bf6bf32ab608a7d456b77706800b3996
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
79f69e924fa7fd9cbdefaf712b16935d9c5c0aa46f693b89a0c43fd0291145bc
7bcc62d88156c635dabdcc13209482a4754412e7ac75d21b28f90ab1e325e702
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
8168c2a965400b51bfc7567d66bb87bbb489ddbd6343c484372250dca8488188
819d7104a4fdf63293e43fd62eadbe7ac4d828a31e5fc29db897d6d8429364c4
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8b050cc15f86060cebcf2c914d7f3ad827985ad32c8964ee5bc29a84bc16a7e5
95ce3da2196a2fabf977335a92acb1eb06d8e14f389fc3eecb1b02437f9b2461
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
acfc1b38221979c890ef1c0ad652af7d576b164ea63e4071a08d962fe8d69ba0
aefe7faeff41ce763eb19cf5c831a5742441a3d6b1594ebb1a61f3dcdc6a3308
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a9eec0f411a4c78cfc7fff475ac2934153cbbe7ac18c3c58d4e01d218c8d1f
b39bca2b5b8ca0c0ba70418b7c7dad52a050321bdc94f3327e317c84f37b5533
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
ce9ee05cd1f763f328835a70e634e722c24146ff59ca2c58f9b9d537fc03f2c3
d561fd6fa1a7df461754aa62a85fb969740be2b588c6901cf24ff856393e4a24
da82de9c2b790b345dd0956b1ac2eaa6c2ecd14089c2ded711fac2be91a5d02b
de8db3364fc5691843eee342a468f98b93cf7c0a2e7d03601c3df251b7e0de15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40921fcff78f47384173addd3ed1c2cec2e9a8484efc0518095a84f88d7c5cb
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ea782ea6a33449ecbbc0230867cdc5282525fb728760fe3e72a11cd37c3ecc30
ec7d727d17331b8e64b16a73c9218d154ee70e94f6e9cbb3973cd73a649f7102
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbb5f2ccde427720073f4757673dfc6912f94de36841444083b4da740fef9576
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd83e2080854c15f4e93e4d6c394140dcaa529fc8a20698ac090bd1828ea606c
fe63558e8a0aa17c1244153f3a9ee29782d5b796f4225d08d0e2acb6c9976d6d