urlscan.io logo urlscan.io
SecurityTrails logo

www.otofun.net Open in urlscan Pro
210.245.88.132  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.otofun.net/members/travelist100.817050/
Submission: On September 08 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 8 domains to perform 50 HTTP transactions. The main IP is 210.245.88.132, located in Hanoi, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is www.otofun.net. The Cisco Umbrella rank of the primary domain is 272878.
TLS certificate: Issued by RapidSSL RSA CA 2018 on July 3rd 2020. Valid for: 2 years.
This is the only time www.otofun.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    210.245.88.132 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)
PTR: svr.otofun.net
www.otofun.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 otofun.net
www.otofun.net — Cisco Umbrella Rank: 272878
732 KB
12 googlesyndication.com
4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
240 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
177 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
87 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
792 B
50 8
Domain Requested by
21 www.otofun.net www.otofun.net
7 securepubads.g.doubleclick.net www.otofun.net
www.googletagservices.com
securepubads.g.doubleclick.net
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagservices.com www.otofun.net
securepubads.g.doubleclick.net
2 www.googletagmanager.com www.otofun.net
1 www.google.com tpc.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
50 12

This site contains links to these domains. Also see Links.

Domain
otofun.net
news.otofun.net
Subject Issuer Validity Valid
*.otofun.net
RapidSSL RSA CA 2018		 2020-07-03 -
2022-10-02		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.otofun.net/members/travelist100.817050/
Frame ID: 7DB9DC55314C9CEDCF97A010DAB4EDB1
Requests: 37 HTTP requests in this frame

Frame: https://4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4D7C2DC94E47E9EA393D21F8195661B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslYjYHWFmiWmpYVVhnCy9FItTGADaQS_yNWquv0FHX2slFjBpVF74xf0iEKVuhIJgobdox9XU8yaZsoG1zw76oDc6RQg57-88qdqxbn3EMRozjtiT6ptyib8F2OmLVOTRgloQjmyOWN2C7F1-FhoGDTyN0ilnukAWAjJV-KSKdIEHjZEJR07mBqldkn1DC8Q7Ku7GQTgIhFATsT9EfQzgy15EWy6mw0fXnwYJdge_Rte5r7VyzbvJ8a3XbAabE6bRPFfyfkZDwp78_jLVr3jh9aAJrFEHgOsEvGaH8mp1RTLrgGpcZwtPLCj-3OssuVQ&sai=AMfl-YQ1IVtSxU6mUcsAPFByDsIGSV1-SOzIT3hAhz-fm9hhg-3LaiBkdJUET2ToADTOCiNRp7IHnhypK2svtX636qOyeCoJTmxXI4khXa8mtUXHEm74hHmp2ynTB1yFU2GBPQ&sig=Cg0ArKJSzIUDufu_iv1rEAE&uach_m=[UACH]&adurl=
Frame ID: DD31219EBAE5742750CE39FE8150F8CD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DF3A7C9F0384552BAE5D0C754C6E913
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 001E3216999D12F2C983B8EEDD1F0D83
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

travelist100 | OTOFUN | CỘNG ĐỒNG OTO XE MÁY VIỆT NAM

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

12
Subdomains

13
IPs

4
Countries

1330 kB
Transfer

2656 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.otofun.net/members/travelist100.817050/ 		39 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache / PHP/7.2.31
Resource Hash
7e8eff78e174137ee3d9a557048963824df4ebfb74ec813c2ce20b8cf33f61c4
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Length
12869
Content-Type
text/html; charset=utf-8
Date
Thu, 08 Sep 2022 13:09:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified
Thu, 08 Sep 2022 13:09:29 GMT
Server
Apache
Vary
Accept-Encoding
Via
1.1 varnish
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.2.31
X-Varnish
344327106
X-XSS-Protection
1; mode=block
fa-regular-400.woff2
www.otofun.net/styles/fonts/fa/ 		149 KB
149 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/styles/fonts/fa/fa-regular-400.woff2
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
38447103d6e282c142126bdf4ee1dea6dd48a058268cb07d21cfb198418fb7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.otofun.net/members/travelist100.817050/
Origin
https://www.otofun.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:29 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Content-Type
text/plain; charset=UTF-8
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"4c1cb4-25264-59bded1f395c0"
Transfer-Encoding
chunked
X-Varnish
344327121
Accept-Ranges
bytes
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
fa-solid-900.woff2
www.otofun.net/styles/fonts/fa/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/styles/fonts/fa/fa-solid-900.woff2
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
5263d44d690e5ded7d0c248b18344429f08998b500616394b9af224c66b1bc10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.otofun.net/members/travelist100.817050/
Origin
https://www.otofun.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Content-Type
text/plain; charset=UTF-8
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"4c1cb6-1e07c-59bded1f395c0"
Transfer-Encoding
chunked
X-Varnish
344327139
Accept-Ranges
bytes
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
fa-brands-400.woff2
www.otofun.net/styles/fonts/fa/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/styles/fonts/fa/fa-brands-400.woff2
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
c7cb54706f944f39979c4f53a9ebb6e4e3b8f839fe526e97bf43255e277a2de6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.otofun.net/members/travelist100.817050/
Origin
https://www.otofun.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Content-Type
text/plain; charset=UTF-8
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"4c1cae-123ac-59bded1f395c0"
Transfer-Encoding
chunked
X-Varnish
344327140
Accept-Ranges
bytes
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
css.php
www.otofun.net/ 		361 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1662013179&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache / PHP/7.2.31
Resource Hash
11299c6b4ed1a86073fa8cf98ceb935d83bd2da0689170d8533d72941faa6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
X-Powered-By
PHP/7.2.31
Content-Length
78384
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 01 Sep 2022 06:19:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
X-Varnish
344327130
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Content-Type
text/css; charset=utf-8
Expires
Fri, 08 Sep 2023 13:09:29 GMT
css.php
www.otofun.net/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/css.php?css=public%3Amember.less%2Cpublic%3Anotices.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Aextra.less&s=6&l=2&d=1662013179&k=e97ded5df9666604147938214e55e86da8b851f1
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache / PHP/7.2.31
Resource Hash
9098a1ed65721be9749772da7c773b7943c6184ac4387f2c0b4cfa42ee8f154f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
X-Powered-By
PHP/7.2.31
Content-Length
3892
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 01 Sep 2022 06:19:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
X-Varnish
344327138
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Content-Type
text/css; charset=utf-8
Expires
Fri, 08 Sep 2023 13:09:30 GMT
preamble.min.js
www.otofun.net/js/xf/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/xf/preamble.min.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
1bde71f219a0dcdd26f62679238d666897284fe85a7292157cdab78b98488bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"56a5f4-cd0-59bded1f395c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327141
Accept-Ranges
bytes
Content-Length
1624
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-33744322-1
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7a9a74a5f1eedc9bf0a5130abf5834044e480e60076ceca941bd43ba4e09049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41901
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Sep 2022 13:09:30 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28627
x-xss-protection
0
server
sffe
etag
"1327 / 850 of 1000 / last-modified: 1662635110"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Sep 2022 13:09:30 GMT
of.1150.jpg
www.otofun.net/styles/otofun/banner/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.otofun.net/styles/otofun/banner/of.1150.jpg
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
c311b1f0674e70c218dab2afbad8d87bec63db6ac7efbed7912b0af1b3c8afef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Apr 2019 19:04:35 GMT
Server
Apache
Age
0
ETag
"8a03ee-19f49-587c4125d56c0"
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
X-Varnish
344327151
Accept-Ranges
bytes
Content-Length
106313
X-XSS-Protection
1; mode=block
banner.jpg
www.otofun.net/styles/default/ 		223 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.otofun.net/styles/default/banner.jpg
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
3c690adbe99cf2aec9d61f8fafdad3a60fca4816971a38b033a4529344a72fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Age
0
Vary
Accept-Encoding
X-Varnish
344327162
Via
1.1 varnish
Content-Type
text/html; charset=iso-8859-1
Content-Length
191
X-XSS-Protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
ea830f47fa84fede8506533a92e3f6efb0c0a44d8ab57271589e3bb3f5c77ede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28628
x-xss-protection
0
server
sffe
etag
"1327 / 342 of 1000 / last-modified: 1662635189"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Sep 2022 13:09:30 GMT
817050.jpg
www.otofun.net/data/avatars/l/817/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.otofun.net/data/avatars/l/817/817050.jpg?1659671275
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
2ab692ee9bf6e2b92bd527257cff873fd98474f483ed6b6e7045874f9f4da7f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Last-Modified
Fri, 05 Aug 2022 03:47:58 GMT
Server
Apache
Age
0
ETag
"b221ee-d1cf-5e57654fe367d"
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
X-Varnish
344327155
Accept-Ranges
bytes
Content-Length
53711
X-XSS-Protection
1; mode=block
s1.png
www.otofun.net/styles/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.otofun.net/styles/img/s1.png
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
73ac4db1759e2cac13b379179bc506011c0cfb63047d75bc1ff8a72bc20306bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Apr 2019 19:03:55 GMT
Server
Apache
Age
0
ETag
"4c1cba-1ee3-587c40ffafcc0"
Content-Type
image/png
Cache-Control
max-age=604800, public
X-Varnish
344327156
Accept-Ranges
bytes
Content-Length
7907
X-XSS-Protection
1; mode=block
jquery-3.3.1.min.js
www.otofun.net/js/vendor/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/vendor/jquery/jquery-3.3.1.min.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"56a52d-1538f-59bded1f395c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327143
Accept-Ranges
bytes
Content-Length
30307
X-XSS-Protection
1; mode=block
vendor-compiled.js
www.otofun.net/js/vendor/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/vendor/vendor-compiled.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
119706abf6f2628df34cc02ea9b4dad78e7276c36daca18c456aab958b3ad655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"56a4a4-11b76-59bded1f395c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327145
Accept-Ranges
bytes
Content-Length
21739
X-XSS-Protection
1; mode=block
core-compiled.js
www.otofun.net/js/xf/ 		250 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/xf/core-compiled.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
b8219c8fdb7ad7f8ab8783011317523c8dc768188b29ed2c4ae63bf754ea0c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jul 2020 13:27:22 GMT
Server
Apache
Age
0
ETag
"56a8fc-3e716-5aaf3954a4280"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327144
Accept-Ranges
bytes
Content-Length
65349
X-XSS-Protection
1; mode=block
inline_mod.min.js
www.otofun.net/js/xf/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/xf/inline_mod.min.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
3a9935a8b51aa99d6b4cdbc7277bd3a1b65632ac0291adcfac9db2d31e040437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"56a5df-19de-59bded1f395c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327146
Accept-Ranges
bytes
Content-Length
2370
X-XSS-Protection
1; mode=block
ajax-content.min.js
www.otofun.net/js/extra/ 		686 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/extra/ajax-content.min.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
bc3951c1fdf28a28e752e4cd704d287c82077914ce8571c7dddb40d6c46b9e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Jan 2020 14:56:29 GMT
Server
Apache
Age
0
ETag
"4c1b6c-2ae-59c06ae25c140"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327157
Accept-Ranges
bytes
Content-Length
357
X-XSS-Protection
1; mode=block
core.min.js
www.otofun.net/js/siropu/am/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/siropu/am/core.min.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
060de9b32d61b6641d2ed4b0567a7066a4db9ba181720399872508d1b8307eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 19:05:00 GMT
Server
Apache
Age
0
ETag
"56a497-2124-59be1eb3acf00"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327158
Accept-Ranges
bytes
Content-Length
2723
X-XSS-Protection
1; mode=block
notice.min.js
www.otofun.net/js/xf/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/xf/notice.min.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 15:23:11 GMT
Server
Apache
Age
0
ETag
"56a5eb-101d-59bded1f395c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327159
Accept-Ranges
bytes
Content-Length
1759
X-XSS-Protection
1; mode=block
socialLoader.js
www.otofun.net/js/ 		704 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.otofun.net/js/socialLoader.js?_v=edc7b686
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
082d3253a191f51e8e0264db150fbf99b0b3c8575318242656681a742831a729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/members/travelist100.817050/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 12 Jan 2020 09:04:07 GMT
Server
Apache
Age
0
ETag
"4c1b61-2c0-59beda4250fc0"
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
max-age=604800, public
X-Varnish
344327160
Accept-Ranges
bytes
Content-Length
384
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		119 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SJ8TQC
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e2b6d0959d0b513a42b80e4c00de3154b46bba4f748ca5f2e4a64fa25282cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46266
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Sep 2022 13:09:30 GMT
bg.png
www.otofun.net/styles/otofun/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.otofun.net/styles/otofun/images/bg.png
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1662013179&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
1aaf6b014a0a6ea80d0221dcdf2f840c764a6f8aefd3935240aed46c3348ee04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1662013179&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Jan 2020 18:37:48 GMT
Server
Apache
Age
0
ETag
"8a0403-47e-59be189f47700"
Content-Type
image/png
Cache-Control
max-age=604800, public
X-Varnish
344327152
Accept-Ranges
bytes
Content-Length
1150
X-XSS-Protection
1; mode=block
navtab.png
www.otofun.net/styles/default/xenforo/ 		155 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.otofun.net/styles/default/xenforo/navtab.png
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1662013179&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
svr.otofun.net
Software
Apache /
Resource Hash
de649b00ea18de36cb0ee3aa20484ac9bf0cd198254bb95cd9e93853fa91e16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1662013179&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 13:09:30 GMT
Via
1.1 varnish
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Apr 2019 19:05:18 GMT
Server
Apache
Age
0
ETag
"86125a-9b-587c414ed7780"
Content-Type
image/png
Cache-Control
max-age=604800, public
X-Varnish
344327150
Accept-Ranges
bytes
Content-Length
155
X-XSS-Protection
1; mode=block
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 11:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 11:39:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		453 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.otofun.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
85c13fce0927d22f673e52b857a901ceb51572e3200d85b04ab7ced1f8702caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
expires
Thu, 08 Sep 2022 13:09:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33744322-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
450
date
Thu, 08 Sep 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 08 Sep 2022 15:02:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.otofun.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 13:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.otofun.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 13:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		593 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272467430109301&correlator=114621533643357&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fif&iu_parts=87177199%2CSu_Camp&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250&ifi=1&adks=895418237&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662642570691&lmt=1662642569&dlt=1662642569535&idt=1100&adxs=310&adys=87&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Ftravelist100.817050%2F&frm=20&vis=1&psz=1130x250&msz=1130x250&fws=4&ohw=1600&ga_vid=765271192.1662642571&ga_sid=1662642571&ga_hid=996099046&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
f6463f0a8e1a2b05cf412dbd2a77863f63641b9a997f6537bc6d617a36500cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
328
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.otofun.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272467430109301&correlator=114621533643357&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fif&iu_parts=87177199%2Cbottom_2017&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250&ifi=2&adks=290005781&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662642570700&lmt=1662642569&dlt=1662642569535&idt=1100&adxs=310&adys=767&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Ftravelist100.817050%2F&frm=20&vis=1&psz=1130x250&msz=1130x250&fws=4&ohw=1600&ga_vid=765271192.1662642571&ga_sid=1662642571&ga_hid=996099046&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c0e1cca5c3e4d35c10f595728898e44aa149a781937f93fcf9891166b2f39fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18891
x-xss-protection
0
google-lineitem-id
5782614211
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138362485341
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.otofun.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4D7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.otofun.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 13:09:31 GMT
expires
Fri, 08 Sep 2023 13:09:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=996099046&t=pageview&_s=1&dl=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Ftravelist100.817050%2F&ul=en-us&de=UTF-8&dt=travelist100%20%7C%20OTOFUN%20%7C%20C%E1%BB%98NG%20%C4%90%E1%BB%92NG%20OTO%20XE%20M%C3%81Y%20VI%E1%BB%86T%20NAM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2086220195&gjid=898067849&cid=765271192.1662642571&tid=UA-33744322-1&_gid=233695454.1662642571&_r=1&gtm=2ou8v0&z=2146977748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.otofun.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 13:09:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.otofun.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DD31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslYjYHWFmiWmpYVVhnCy9FItTGADaQS_yNWquv0FHX2slFjBpVF74xf0iEKVuhIJgobdox9XU8yaZsoG1zw76oDc6RQg57-88qdqxbn3EMRozjtiT6ptyib8F2OmLVOTRgloQjmyOWN2C7F1-FhoGDTyN0ilnukAWAjJV-KSKdIEHjZEJR07mBqldkn1DC8Q7Ku7GQTgIhFATsT9EfQzgy15EWy6mw0fXnwYJdge_Rte5r7VyzbvJ8a3XbAabE6bRPFfyfkZDwp78_jLVr3jh9aAJrFEHgOsEvGaH8mp1RTLrgGpcZwtPLCj-3OssuVQ&sai=AMfl-YQ1IVtSxU6mUcsAPFByDsIGSV1-SOzIT3hAhz-fm9hhg-3LaiBkdJUET2ToADTOCiNRp7IHnhypK2svtX636qOyeCoJTmxXI4khXa8mtUXHEm74hHmp2ynTB1yFU2GBPQ&sig=Cg0ArKJSzIUDufu_iv1rEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.otofun.net
URL: https://www.otofun.net/members/travelist100.817050/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 13:09:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Sep 2022 13:09:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame DD31 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d3f0c278eba7ca4904ef08e954e5d21231a363ddf14d74592de748ec54aa299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9663
x-xss-protection
0
server
cafe
etag
5256006603266553849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 13:07:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame DD31 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:02:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 13:02:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD31 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 13:09:30 GMT
5964724949195829054
tpc.googlesyndication.com/simgad/ Frame DD31 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5964724949195829054
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fd1bfe7ee789516a95ebda05a7d67fae187ec2e2cca5ad44f8411ba776865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:21:10 GMT
x-content-type-options
nosniff
age
197301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190588
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 04:11:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 06:21:10 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-33744322-1&cid=765271192.1662642571&jid=2086220195&gjid=898067849&_gid=233695454.1662642571&_u=YAhAAUAAAAAAAC~&z=875809275
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.otofun.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 08 Sep 2022 13:09:31 GMT
content-type
text/plain
access-control-allow-origin
https://www.otofun.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DD31 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac252e2439a2a9974408aefeede5e1f91ea7d7cabce806e544cfebd298f9f9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DD31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5vziV8q3oFGI6NEjftk1KCVOcNRZogUO4aYCveuqs7VCyOdJF7GNhwJ-fXcEyj7y3jQl_u8X8NtdhdJ4FyWTk4ZCfYB9geanYlg6fmYtuTkUxf6izWUBoXNQ-BrZyYc903_nQyLASr8yDhFD7CE1ZBZshppNSJm0kFSP_OQ_1DUILrwyaR3hwzQyeKz-uBZWa-pwuLbdseZP3Bv1T7eGDaRpKFGHrUBWoMuffj7INEEer_8GULH-d4fUhkeJgckRZp4idTtNEAOfqpxv-zDiO_Vv18l3RRhmvx_Up3bobecnWQchHtZcghmC4V2pOPc5X&sai=AMfl-YS5mD06W7507kocChQD0PKZyb94Df6o0cgzlJQdoaajb9aExKT6gKergJFw7F7cLUV2VCyIZMXNqL9ndmo4O29ORdYNtK0gnBVeJdD1k9hg31uO_3nGqoCPWFI11avxtQ&sig=Cg0ArKJSzGnr5H-70x0rEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 13:09:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 08 Sep 2022 13:09:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac2c0c65b03d29b62b2c4888244af82fd515dc753faa857c2356a75757102118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Sep 2022 13:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11223
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 13:09:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DF3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.otofun.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 12:57:17 GMT
expires
Fri, 08 Sep 2023 12:57:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 001E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0589d91968b5550ba4c45ed404c75b7937d6b18471a9250588fe627a96dc4317
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MDiD5Dwr1yBVusoKafbokA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.otofun.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-MDiD5Dwr1yBVusoKafbokA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 13:09:31 GMT
expires
Thu, 08 Sep 2022 13:09:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
pagead2.googlesyndication.com/bg/ Frame 3DF3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15893
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 09:05:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 001E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=3272467430109301&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3DF3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2TJikw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:09:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DD31 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuX5K4K8zPzd8EbMvWbbaTMV76WKGac-82lzh2r8fRUFDcJGNT3kWguY8NlVDG1e61bBNx6DYMXp7euaM45pP_ikM60TaSqE8I6H3CQQ6Gi-HyfcvNn&sig=Cg0ArKJSzAwOEpHzR4Y2EAE&id=lidar2&mcvt=1000&p=708,310,958,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=290005781&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662642570799&rpt=328&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 13:09:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=3272467430109301&bg=!ammlaS3NAAZTikH4c4o7ACkAdvg8WpFkdGM9z7-x8pkOJn69-qzoHUjSR0oXFBja0swh1DXg26Z8xgIAAABzUgAAAAJoAQeZAqHBLHHUrhx7PsWQByPzjWKeTkHkh1aoCqMEGNUdBO6-klo3Jb0JYFD9Df4GQFtb_88UlAh-FiCSI2B67K9Pm3iSQ3KReYx6SyygkY6Z8j4cW4RDvME5F-1XFTISHXej7BKmal5c9W-SPSkxjAMJs6Gvx1BabaE6iLfJjQDsLCNy3T5FVH6wtCHSOuj69y4O5FtkTbEuy_RWuYHCf4Ii7h3UmKW8phDbH5kca35jdK2qHm01V-oe16957vlAOh63LAXZ4QYUapOKenEHGBdcErYEQXm9TwhFaMdEyGiy38QTCNxr6LDN76_U6raVRd2neqOz7kTDJeNDvpJwQ3gPpoiBhFNYV_5yP59_-EPnY9zr6k9UFLfpWG24owyw6iRIrnxocPRwY6Wua_wHH-PeFXgjt_0j-FxtltwXEBywHfRvN-cWwyn3lUklgdQJ_KhGMQ-FecZOPv8bhZoRPyB3vr9MYKz594isdfiIhRGpwQDHClqW6I8bXVXtLhC5J_jpcMlvVa6P6wc3o2kTvk3-61Dgb6g27xLX4bjcWtgyummk-swxPi2Llg38c5eurEx4NvOU69aomwGbRcubgWpEGdFJmG-lIIYxM33sdwcis5Pcc2CEQxyDckAbciUienDdXI4U5w3-Du1D7vaqFd4l7fdVhN_ysPm9fiVRiXbOo3U0--nlau7WDHD9sZdXYgmJlytmNFjvp0vw8oUBt25veEuQrvMvkOG0RjN8KgRsVFZhgWdR-pemyhkIGgGYNIhOa_AOoa5GaK91JqX9arAdiR7n1P9mvHkqcBBvGE2UiQ5T8jEAH-jHwPyAI6rVLGFAkxBAuawdYv79-grEZoBUOR1yLT6KpLlN1z3x6Mmp105xycxxJSEJYhndyvckOM0LLXpp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.otofun.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| XF function| gtag object| dataLayer boolean| sockets string| alertSoundFile object| googletag object| Adomik function| randomNotices object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData function| $ function| jQuery object| Mustache function| Pikaday function| autosize object| $jscomp function| resizeIframe object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
www.otofun.net/ Name: xf_csrf
Value: iwjjhS0Yu6UlJCoH
www.otofun.net/ Name: SERVERID
Value: s3
.otofun.net/ Name: _ga
Value: GA1.2.765271192.1662642571
.otofun.net/ Name: _gid
Value: GA1.2.233695454.1662642571
.otofun.net/ Name: _gat_gtag_UA_33744322_1
Value: 1
.otofun.net/ Name: __gads
Value: ID=798a93d6911050e7-2278591617ce00e9:T=1662642570:S=ALNI_MaHtNTc42QtFZlvKlsYs1OHgpgJFw
.doubleclick.net/ Name: IDE
Value: AHWqTUllyTwlxVTQDTGLNjxPOmE0Q8hT3X_bhTmECfNndgsBSUkrrz2MuoKBCvXJMYY

1 Console Messages

Source Level URL
Text
network error URL: https://www.otofun.net/styles/default/banner.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c3990a160358e86a283fa5e454a34d0.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.otofun.net
142.250.185.194
210.245.88.132
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2008
2a00:1450:400c:c08::9c
041cb588d40b81d67a8d055f9b6dfedd08673a7ce038439aee905fcca693128a
0589d91968b5550ba4c45ed404c75b7937d6b18471a9250588fe627a96dc4317
060de9b32d61b6641d2ed4b0567a7066a4db9ba181720399872508d1b8307eba
07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a
082d3253a191f51e8e0264db150fbf99b0b3c8575318242656681a742831a729
11299c6b4ed1a86073fa8cf98ceb935d83bd2da0689170d8533d72941faa6d78
119706abf6f2628df34cc02ea9b4dad78e7276c36daca18c456aab958b3ad655
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1aaf6b014a0a6ea80d0221dcdf2f840c764a6f8aefd3935240aed46c3348ee04
1bde71f219a0dcdd26f62679238d666897284fe85a7292157cdab78b98488bb8
2510ed81c525ffb3948c9e103bc6d56f036e45346a0d4c6e481602c223c74ba5
2ab692ee9bf6e2b92bd527257cff873fd98474f483ed6b6e7045874f9f4da7f4
38447103d6e282c142126bdf4ee1dea6dd48a058268cb07d21cfb198418fb7b5
394fd1bfe7ee789516a95ebda05a7d67fae187ec2e2cca5ad44f8411ba776865
3a9935a8b51aa99d6b4cdbc7277bd3a1b65632ac0291adcfac9db2d31e040437
3c690adbe99cf2aec9d61f8fafdad3a60fca4816971a38b033a4529344a72fde
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
5263d44d690e5ded7d0c248b18344429f08998b500616394b9af224c66b1bc10
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73ac4db1759e2cac13b379179bc506011c0cfb63047d75bc1ff8a72bc20306bd
7d3f0c278eba7ca4904ef08e954e5d21231a363ddf14d74592de748ec54aa299
7e8eff78e174137ee3d9a557048963824df4ebfb74ec813c2ce20b8cf33f61c4
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
85c13fce0927d22f673e52b857a901ceb51572e3200d85b04ab7ced1f8702caa
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9098a1ed65721be9749772da7c773b7943c6184ac4387f2c0b4cfa42ee8f154f
9e2b6d0959d0b513a42b80e4c00de3154b46bba4f748ca5f2e4a64fa25282cdb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac252e2439a2a9974408aefeede5e1f91ea7d7cabce806e544cfebd298f9f9fb
ac2c0c65b03d29b62b2c4888244af82fd515dc753faa857c2356a75757102118
b8219c8fdb7ad7f8ab8783011317523c8dc768188b29ed2c4ae63bf754ea0c3d
bc3951c1fdf28a28e752e4cd704d287c82077914ce8571c7dddb40d6c46b9e94
c0e1cca5c3e4d35c10f595728898e44aa149a781937f93fcf9891166b2f39fe2
c311b1f0674e70c218dab2afbad8d87bec63db6ac7efbed7912b0af1b3c8afef
c7a9a74a5f1eedc9bf0a5130abf5834044e480e60076ceca941bd43ba4e09049
c7cb54706f944f39979c4f53a9ebb6e4e3b8f839fe526e97bf43255e277a2de6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de649b00ea18de36cb0ee3aa20484ac9bf0cd198254bb95cd9e93853fa91e16c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea830f47fa84fede8506533a92e3f6efb0c0a44d8ab57271589e3bb3f5c77ede
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6463f0a8e1a2b05cf412dbd2a77863f63641b9a997f6537bc6d617a36500cc1