nhadat.forum.st Open in urlscan Pro
178.33.44.177 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nhadat.forum.st/t91829-topic
Submission: On September 15 via manual (September 15th 2019, 2:10:07 pm UTC) from VN

Summary HTTP 138 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 32 domains to perform 138 HTTP transactions. The main IP is 178.33.44.177, located in France and belongs to OVH, FR. The main domain is nhadat.forum.st.

This is the only time nhadat.forum.st was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	178.33.44.177 178.33.44.177	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2606:4700:e2:... 2606:4700:e2::ac40:8b18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2606:4700:30:... 2606:4700:30::6812:3907	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:400c:c0b::52	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	103.74.123.4 103.74.123.4	18403 (FPT-AS-AP...) (FPT-AS-AP The Corporation for Financing & Promoting Technology)
2	2606:4700:10:... 2606:4700:10::6814:18fa	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2606:4700:30:... 2606:4700:30::6818:797c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 5	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
20	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	2606:4700::68... 2606:4700::6810:a20d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2606:4700:30:... 2606:4700:30::681c:1e2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2 8	99.80.15.126 99.80.15.126	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.8.3.174 23.8.3.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:205... 2600:9000:2057:7000:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	2600:9000:205... 2600:9000:2057:6e00:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:205... 2600:9000:2057:e600:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	69.173.144.155 69.173.144.155	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	34.249.204.108 34.249.204.108	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
138	41

2 178.33.44.177 (France)

ASN16276 (OVH, FR)

nhadat.forum.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:e2::ac40:8b18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:30::6812:3907 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::52 (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

mudim.googlecode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.74.123.4 (Viet Nam) 2 redirects

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
PTR: cp123004.bkns.com.vn

www.sonsochu.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:18fa (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

remitano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:30::6818:797c (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:1e2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.80.15.126 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.3.174 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-3-174.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7000:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6e00:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e600:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.204.108 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com

b.a2gw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	342 KB
14	servimg.com i.servimg.com	193 KB
13	illiweb.com illiweb.com	25 KB
11	viglink.com 2 redirects cdn.viglink.com api.viglink.com	35 KB
11	googletagservices.com www.googletagservices.com	251 KB
8	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	60 KB
6	google.de adservice.google.de www.google.de	983 B
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	118 KB
5	google-analytics.com 1 redirects www.google-analytics.com	35 KB
5	hitsk.in 1 redirects hitsk.in	8 KB
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com beacon.s-onetag.com	22 KB
4	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com	10 KB
4	facebook.com staticxx.facebook.com www.facebook.com
4	sonsochu.com.vn 2 redirects www.sonsochu.com.vn	211 B
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	addthis.com 1 redirects s7.addthis.com	115 KB
3	google.com 1 redirects www.google.com adservice.google.com	905 B
3	criteo.net static.criteo.net	26 KB
3	facebook.net connect.facebook.net	60 KB
2	taboola.com cdn.taboola.com	130 KB
2	remitano.com remitano.com	55 KB
2	googlecode.com mudim.googlecode.com
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	forum.st nhadat.forum.st	71 KB
1	a2gw.com b.a2gw.com
1	lijit.com ce.lijit.com	532 B
1	addthisedge.com v1.addthisedge.com	373 B
1	topicit.net connect.topicit.net	2 KB
1	gstatic.com www.gstatic.com	92 KB
1	criteo.com bidder.criteo.com	212 B
1	googleadservices.com partner.googleadservices.com	750 B
1	googletagmanager.com www.googletagmanager.com	26 KB
138	32

	Domain	Requested by
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net nhadat.forum.st
14	i.servimg.com	nhadat.forum.st
13	illiweb.com	nhadat.forum.st
11	www.googletagservices.com	nhadat.forum.st pagead2.googlesyndication.com securepubads.g.doubleclick.net optimized-by.rubiconproject.com
8	api.viglink.com	2 redirects cdn.viglink.com
7	platform.twitter.com	nhadat.forum.st ajax.googleapis.com platform.twitter.com
5	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com nhadat.forum.st
5	hitsk.in	1 redirects nhadat.forum.st
4	www.sonsochu.com.vn	2 redirects nhadat.forum.st
4	pagead2.googlesyndication.com	nhadat.forum.st pagead2.googlesyndication.com
3	b.scorecardresearch.com	1 redirects cdn.taboola.com nhadat.forum.st
3	www.facebook.com	ajax.googleapis.com connect.facebook.net
3	cdn.viglink.com	nhadat.forum.st
3	s7.addthis.com	1 redirects nhadat.forum.st s7.addthis.com
3	static.criteo.net	nhadat.forum.st
3	connect.facebook.net	nhadat.forum.st connect.facebook.net
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.taboola.com	nhadat.forum.st cdn.taboola.com
2	remitano.com	nhadat.forum.st
2	mudim.googlecode.com	nhadat.forum.st
2	www.google.com	1 redirects nhadat.forum.st
2	nhadat.forum.st	nhadat.forum.st
1	b.a2gw.com	securepubads.g.doubleclick.net
1	eus.rubiconproject.com	nhadat.forum.st
1	beacon-eu2.rubiconproject.com	nhadat.forum.st
1	beacon.s-onetag.com	get.s-onetag.com
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	ce.lijit.com	nhadat.forum.st
1	get.s-onetag.com	nhadat.forum.st
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	1 redirects
1	v1.addthisedge.com	s7.addthis.com
1	connect.topicit.net	nhadat.forum.st
1	fonts.googleapis.com	ajax.googleapis.com
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	nhadat.forum.st
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	partner.googleadservices.com	nhadat.forum.st
1	www.googletagmanager.com	nhadat.forum.st
1	ajax.googleapis.com	nhadat.forum.st
138	46

This site contains links to these domains. Also see Links.

Domain
louiscity.net
www.sonsochu.com.vn
www.ttc-group.vn
remitano.com
members2.boardhost.com
www.goldmarkcity136.vn
duanngoinhamoi.com
www.forumvi.com
help.forumotion.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2018-10-19` - `2019-10-19`	a year	crt.sh
caodangmientrung.com cPanel, Inc. Certification Authority	`2019-07-24` - `2019-10-22`	3 months	crt.sh
ssl516184.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
sni165043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-09` - `2020-03-17`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-06-06` - `2020-09-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
topicit.net CloudFlare Inc ECC CA-2	`2018-11-06` - `2019-11-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh
*.a2gw.com Amazon	`2018-10-22` - `2019-11-22`	a year	crt.sh

This page contains 19 frames:

Primary Page: http://nhadat.forum.st/t91829-topic
Frame ID: D869318F761DB452CECE703DB03895A5
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html
Frame ID: C85CC1E51CD50523054630B65E6537B5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 90453964DDB5369685241FDD8C0F8935
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: FAFA91E0A64F541C8DCB87A93E81CA73
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 112B521A5387143123BE978798749F48
Requests: 7 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: B2B51F1AE9C7795A763604E57708C8D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568556590&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1568556590380&bpp=4&bdt=262&fdt=155&idt=155&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2848384744667&frm=20&pv=2&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=779803537&ga_fc=1&iag=0&icsg=562949953593856&dssz=62&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=181
Frame ID: 0AAEF36344A347FB08728FBF445D840A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft91829-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
Frame ID: 32F534E03898A60653315AA4793D96E6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1138d8025731f4%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff1124e0f6cffb3c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false
Frame ID: 14A46579720D08A4873115F72F79CE1D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=http%3A%2F%2Fnhadat.forum.st
Frame ID: 30212EAEF77C450C65FFD811ED395374
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Frame ID: 945CFDEC4AE2DBAA81BE550065DF91B4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Frame ID: 6B03ACBC24E796BB338792CB499B0FF6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 8D57895F2BFE1E6EA9CEA44F55E7DCD7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: E3FBFB5AE2F2BD8C45855139712627C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: 2A8A38C6708A6E11E637D5EBB397B012
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-r2exEWfd9FPlAbN5uCQmj5rurks4D6PYqXKRQzABkvDqYgKXLXBTHslURtI_S7Ds2lZrrDAAVdofuUxaJA_MAEvzthOFTuZj9R3cSJAA1pVHdb-49-ORe7BIz1tLe9Qnc1pKLBBQ3C3Lg1DsuJieMpj-hODGlYnlQh3_bbzRnrVeMAMY4sRljXxat9osW-cJr6kkY_Y87mdLSH-TPpiLj-XRWtrHCgrVo-unz6phBpOp-MwIEy2zeZmtV0DicEI&sig=Cg0ArKJSzJ-184mNlMVaEAE&urlfix=1&adurl=
Frame ID: 18A7871148BDD3A4EB7F02305B15AFA7
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Frame ID: 1411086A0AE4AB917A62EA60E032E908
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBPv49Ezpjpt2657G00Ikw7YATCUc926HmhBT-J8DTKKu0leBXnkSbVnjjOZS_VsTBOGtF4DFYtKKC6syaoai6QjLfO98X81TNsFDLQOcPSWN1y9vS_sv_cWZhBZ16Pt0wGJCt4q26wMSG_2sje4nl6T-3mJXliY6m-SZGL58nw3Qan8smYacWdFxu77IphI_KmQCGmNA13mPRUxYqiks5TXW6nM3q4PRFRtE5almJmOS0QbcJJI_K3PzWQ2TfwodakBCAnv9bzTplL0Pg&sig=Cg0ArKJSzKO2xcayG7gQEAE&urlfix=1&adurl=
Frame ID: D9B89FA52CBF7FE0E59DF5D5F322D37A
Requests: 4 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=609200477
Frame ID: F6FCAF4E3D52AD1141F6AFCA92CD38E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

138
Requests

75 %
HTTPS

60 %
IPv6

32
Domains

46
Subdomains

41
IPs

8
Countries

1710 kB
Transfer

4459 kB
Size

19
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://louiscity.net/

Search URL Search Domain Scan URL

URL: https://www.sonsochu.com.vn/

Search URL Search Domain Scan URL

URL: http://www.ttc-group.vn/trang-tuyen-dung#nhan-vien-kinh-doanh

Search URL Search Domain Scan URL

URL: https://remitano.com/vn?ref=dnn2018

Search URL Search Domain Scan URL

URL: http://members2.boardhost.com/PurgatoryPub/msg/1555333700.html
Title: http://members2.boardhost.com/PurgatoryPub/msg/1555333700.html

Search URL Search Domain Scan URL

URL: http://www.goldmarkcity136.vn/

Search URL Search Domain Scan URL

URL: http://duanngoinhamoi.com/
Title: ngôi nhà mới

Search URL Search Domain Scan URL

URL: https://www.sonsochu.com.vn/dang-ky-mo-dai-ly-phan-phoi-son-sochu-nano-nhat-ban
Title: tìm đại lý phân phối sơn

Search URL Search Domain Scan URL

URL: http://www.forumvi.com/
Title: Free forum

Search URL Search Domain Scan URL

URL: https://www.forumvi.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banner1.png HTTP 302
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

Request Chain 32

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 36

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banners-2.png HTTP 302
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

Request Chain 44

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 53

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=779803537&t=pageview&_s=1&dl=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&ul=en-us&de=UTF-8&dt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1260216464&gjid=318966253&cid=1166616448.1568556590&tid=UA-144347007-1&_gid=589297989.1568556590&_r=1&gtm=2ou941&z=1322580766 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_gid=589297989.1568556590&gjid=318966253&_v=j79&z=1322580766 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_v=j79&z=1322580766 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_v=j79&z=1322580766&slf_rd=1&random=1045773227

Request Chain 60

http://hitsk.in/t/12/15/30/i_icon_online.gif HTTP 302
https://hitsk.in/t/12/15/30/i_icon_online.gif

Request Chain 65

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=148640031&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590524&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1629915341&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=148640031&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590524&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1629915341&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 66

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1048753070&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590527&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1048753070&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590527&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~

Request Chain 101

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568556590921&ns_c=UTF-8&cv=3.1&c8=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&c7=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568556590921&ns_c=UTF-8&cv=3.1&c8=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&c7=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&c9=

Request Chain 102

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 112

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 113

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=ebd87084024bb024650118f1dfa8af3e

138 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request t91829-topic Show response
nhadat.forum.st/ 66 KB
16 KB 214ms
192ms Document
text/html 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://nhadat.forum.st/t91829-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2e8d6d0258b64b012f29f3c024e13342b70b49e5690640ef311d1b79efe1b4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Host: nhadat.forum.st
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Pragma: no-cache
Expires: Sun, 15 Sep 2019 00:00:00 GMT
Last-Modified: Sun, 15 Sep 2019 14:09:50 GMT
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Access-Control-Allow-Origin: *
X-Cache-NE: MISS
Content-Encoding: gzip

GET
H/1.1 200
OK 0-ltr.css
nhadat.forum.st/ 151 KB
55 KB 123ms
100ms Stylesheet
text/css 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://nhadat.forum.st/0-ltr.css

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

HTTP/1.1

Security

, ,

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

49634ba201ae609a6a5935ce7c0a3c64b8515f5b8f7fafcf7ba9c0475f7a8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Sep 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 55843
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 12:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1735216
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Aug 2020 12:09:34 GMT

GET
H2 200 vi.js Show response
illiweb.com/rs3/51/frm/lang/ 70 KB
16 KB 39ms
17ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/lang/vi.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 346109
cf-polished: origSize=71234
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Mon, 09 Sep 2019 08:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Mon, 14 Sep 2020 14:09:50 GMT
cache-control: public, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 516b2e406ec3c2db-FRA
cf-bgj: minify

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f8a7191079805b6be389342e5eb467379c3d47776b59d0d24c684b7fb82c4518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9p22evp3A7NBIwnrvurdyg==
status: 200
content-length: 1780
x-ua-compatible: IE=edge
x-fb-debug: DUxHr2jdbrK6cke/4X+eh6hk96KyOEm9DwYoCJtZJjA+w2J6fL5VtZD5qj0ljDBEXZVoyktiwhfZmDL/OIxW5A==
x-fb-trip-id: 420120009
x-fb-content-md5: 85a328286c1716da4a1bea81c25858dd
x-frame-options: DENY
etag: "930417808f239b1017dc73d8baeac001"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:17:47 GMT

GET
H2 200 fb_login.js Show response
illiweb.com/rs3/51/frm/ograph/ 2 KB
730 B 41ms
19ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/ograph/fb_login.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a25ffd0157934358e43303fb3d068256095cf6bc686fc8b1c72b39fe222e73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 346381
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 516b2e406ec5c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 ticker.css
illiweb.com/rs3/51/frm/jquery/ticker/ 388 B
618 B 33ms
11ms Stylesheet
text/css 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/ticker/ticker.css

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 346382
cf-polished: origSize=390
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
expires: Mon, 14 Sep 2020 14:09:50 GMT
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 516b2e406ec0c2db-FRA
cf-bgj: minify

GET
H2 200 ticker.js Show response
illiweb.com/rs3/51/frm/jquery/ticker/ 7 KB
1 KB 36ms
15ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/ticker/ticker.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 346374
cf-polished: origSize=8803
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Mon, 14 Sep 2020 14:09:50 GMT
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 516b2e406ec6c2db-FRA
cf-bgj: minify

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 82 KB
25 KB 114ms
52ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
last-modified: Wed, 24 Jul 2019 22:21:06 GMT
server: nginx
etag: W/"5d38d9d2-14765"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 16 Sep 2019 14:09:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
26 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d8b76ce721e4684e231dce5ac0c227a4220a2c054c94613924835750824b544

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
last-modified: Sun, 15 Sep 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26911
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/51/frm/jquery/cookie/ 1011 B
512 B 34ms
13ms Script
application/x-javascript 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 346382
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 516b2e406ec7c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
541 B 18ms
17ms Script
text/javascript 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 448
x-xss-protection: 1; mode=block
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 96 KB
35 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea955cabe710b582d2dab5a5659f00c789af91e5a1fb8a1678e5cc69c82f107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13665209909426514778
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35377
X-XSS-Protection: 0
Expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 okok0110.gif
i.servimg.com/u/f49/16/89/24/22/ 62 KB
62 KB 50ms
19ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/okok0110.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55324a12c6a457bef25d9b69a12e32c82fcc4e4de60f327497a68e79faad754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 62979
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-f603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e407f158cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H/1.1 404
Not Found mudim-0.8-r126.js
mudim.googlecode.com/files/ 0
0 28ms
14ms Script
text/html 2a00:1450:400c:c0b::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://mudim.googlecode.com/files/mudim-0.8-r126.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0b::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
161 B 14ms
13ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17933251
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e417abac2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 tranh_10.png
i.servimg.com/u/f49/16/89/24/22/ 817 B
927 B 19ms
18ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tranh_10.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c989150dada9ab8cd2b204788e7f30ea067372f849833b9ead2938a096db9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 817
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41afca8cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 dien_d13.png
i.servimg.com/u/f49/16/89/24/22/ 811 B
889 B 19ms
18ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dien_d13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1ec13fc84d5296e1b1332ebff97d5e783238341bfc5adcec2e3d1631d7b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 811
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-32b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfe68cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 tro_gi13.png
i.servimg.com/u/f49/16/89/24/22/ 750 B
828 B 21ms
17ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tro_gi13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1bd7d449c312e3f1395dade6040e69514b646a495051dbd87f6cff386239eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 750
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-2ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfe98cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 tim_ki13.png
i.servimg.com/u/f49/16/89/24/22/ 685 B
763 B 32ms
28ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tim_ki13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec4fb05ff94d7a46463cf9920e089852f81ad10bdfd03b4f3741c88602ee00b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 685
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfea8cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 thanh_13.png
i.servimg.com/u/f49/16/89/24/22/ 789 B
868 B 19ms
15ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/thanh_13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a525e9410427b0509fe2214292dcf2f342dbaaaafe41a3eb33e3b6a28688f7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 789
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfec8cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 dang_k13.png
i.servimg.com/u/f49/16/89/24/22/ 860 B
939 B 22ms
18ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dang_k13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2ac2019375eb1e51e20fdd63a65eb9c94964a8da0633fe76718d6d0c7decff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 860
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-35c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfed8cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 dang_n13.png
i.servimg.com/u/f49/16/89/24/22/ 861 B
940 B 19ms
15ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dang_n13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef7a93fa3f7be107e4de1d65b50da318841b0f08bdeafff4a62277f17e7c6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 861
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfee8cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2

200

suspendedpage.cgi
www.sonsochu.com.vn/cgi-sys/
Redirect Chain

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banner1.png
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

0
0

424ms
424ms

Image
text/html

103.74.123.4
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.74.123.4 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS: cp123004.bkns.com.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Sep 2019 14:09:50 GMT
server: LiteSpeed
status: 302
content-type: text/html
location: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length: 681

GET
H2 200 louis-10.gif
i.servimg.com/u/f11/16/90/56/73/ 18 KB
18 KB 21ms
17ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/louis-10.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c78642b1b256f276db999a53f10c1c638abc3d01f31aadd48894c18d4bc215f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 18171
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Aug 2017 10:41:03 GMT
server: cloudflare
etag: "598843bf-46fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dfef8cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 21010110.gif
i.servimg.com/u/f11/16/90/56/73/ 18 KB
18 KB 20ms
16ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/21010110.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b41fda21beefc30d61f983ea8764572e82499e3bd7ccf1d25ee0701b3acb79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 18386
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Sep 2017 02:53:31 GMT
server: cloudflare
etag: "59b0b4ab-47d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dff08cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 remi970x90.png
remitano.com/banners/vn/ 29 KB
29 KB 568ms
533ms Image
image/png 2606:4700:10::6814:18fa
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://remitano.com/banners/vn/remi970x90.png
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:18fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c2ce2107c4196e933dd1cb15b07adb3e8245a9e6b96066562c49033aacd239f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Sep 2019 11:50:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7416-16d2a75d788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 516b2e421defcbb0-VIE
content-length: 29718
expires: Sun, 15 Sep 2019 18:09:50 GMT

GET
H2 200 google_service.js Show response
partner.googleadservices.com/gampad/ 1 KB
750 B 116ms
35ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_service.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 13:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 373
x-xss-protection: 0
server: cafe
etag: 953604975598805376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:12:42 GMT

GET
H2 200 i_down_arrow.gif
hitsk.in/t/12/15/30/ 357 B
798 B 69ms
18ms Image
image/gif 2606:4700:30::6818:797c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_down_arrow.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:797c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70a5676138000a3c1c75120e9e961af1a97d62e28a5d02ce512fc54bd7b2380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 357
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Aug 2008 14:51:53 GMT
server: cloudflare
etag: "48a44689-165"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e42284e59b2-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 i_icon_minipost.gif
hitsk.in/t/11/16/45/ 790 B
892 B 70ms
20ms Image
image/gif 2606:4700:30::6818:797c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/11/16/45/i_icon_minipost.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:797c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

facb3e5741e7c0bdef290f3b75a5b221b30908330d428630e4bea4e1e7555ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 790
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 15:00:26 GMT
server: cloudflare
etag: "4cc83e8a-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e42284f59b2-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 newmem10.jpg
i.servimg.com/u/f73/12/53/31/94/ 1 KB
1 KB 25ms
21ms Image
image/jpeg 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f73/12/53/31/94/newmem10.jpg

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c662377c5cb31fe72c72e0162b44a2cbf811720aab0a80d8cfc30aac9a1376e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 1369
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Dec 2008 04:41:08 GMT
server: cloudflare
etag: "4934bc64-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dff18cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 icon_user_profile_en.gif
illiweb.com/fa/subsilver3/ 659 B
768 B 15ms
12ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/subsilver3/icon_user_profile_en.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21fdee7b0b8fe6e50ae8757d088eec9d41f83e2e6b1fafd73dea3deb5452c81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19029752
status: 200
content-length: 659
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:02:05 GMT
server: cloudflare
etag: "5739a8ad-293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dc05c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 i_up_arrow.gif
hitsk.in/t/12/15/30/ 356 B
436 B 69ms
19ms Image
image/gif 2606:4700:30::6818:797c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_up_arrow.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:797c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aee7e72f173d63fbd15c24521847ab7d25f3a570d1bc132d5be26653bcedd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 356
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Aug 2008 14:51:53 GMT
server: cloudflare
etag: "48a44689-164"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e42285059b2-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

349 KB
113 KB

118ms
39ms

Script
application/javascript

23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 20:38:55 GMT
server: nginx/1.15.8
etag: "5d795b5f-5755d"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Sun, 15 Sep 2019 14:09:50 GMT
x-host: s7.addthis.com
content-length: 115051

Redirect headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 icon_mini_search.gif
illiweb.com/fa/ 238 B
322 B 16ms
13ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/icon_mini_search.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17892095
status: 200
content-length: 238
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dc07c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 dien_d10.gif
i.servimg.com/u/f49/16/89/24/22/ 21 KB
21 KB 30ms
27ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dien_d10.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79da493095f8897605de282590eb6f2746fe9a72a0d4c2a499b048565a04ede6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 21600
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:46 GMT
server: cloudflare
etag: "5458c552-5460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dff28cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 remi200x200.png
remitano.com/banners/vn/ 26 KB
26 KB 590ms
555ms Image
image/png 2606:4700:10::6814:18fa
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://remitano.com/banners/vn/remi200x200.png
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:18fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 80e452e1f9cc09e9f4afc6ea675ffd329c0c375af071ccd3dde49e9e3f8c3be0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Sep 2019 11:50:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6687-16d2a75d788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 516b2e421df2cbb0-VIE
content-length: 26247
expires: Sun, 15 Sep 2019 18:09:50 GMT

GET
H2

200

suspendedpage.cgi
www.sonsochu.com.vn/cgi-sys/
Redirect Chain

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banners-2.png
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

0
0

407ms
407ms

Image
text/html

103.74.123.4
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.74.123.4 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS: cp123004.bkns.com.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Sep 2019 14:09:50 GMT
server: LiteSpeed
status: 302
content-type: text/html
location: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length: 681

GET
H2 200 louis-11.gif
i.servimg.com/u/f11/16/90/56/73/ 34 KB
34 KB 22ms
18ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/louis-11.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbdded36da71b3cd95ebcc0e44adca2e2f6e92cfdf60635d94735a96308f48a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 34551
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Aug 2017 10:43:43 GMT
server: cloudflare
etag: "5988445f-86f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dff48cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 goldma10.jpg
i.servimg.com/u/f11/16/90/56/73/ 32 KB
32 KB 25ms
22ms Image
image/jpeg 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/goldma10.jpg

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed46ff2bc02a51fa12d7e3223b20001a4ed8cf5acfcbfc8e9786996745f0adcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 32680
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Aug 2017 10:02:38 GMT
server: cloudflare
etag: "5994183e-7fa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dff58cbc-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 187 KB
56 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

732c12aebb5b2bf8f7391cff1a38844f27453dd0b9f91369d7d120d6b1ad4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
Origin: http://nhadat.forum.st
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ie5Ggksw3ARc74u+UCU4Aw==
status: 200
content-length: 56477
etag: "ecbe6643a54ac06bb02bd17a1ac7d2b7"
x-fb-debug: slOEwH4wkX9jSLUb3f2vtVBQ8Ty3qsxopqjN3zyyy4KozIC8BvOcukSx7ELFW+qSrZaJYK+XZ7FAEzUQK3ghyw==
x-fb-trip-id: 420120009
x-fb-content-md5: 4906c68ba607d450241c5aa9f19474ad
x-frame-options: DENY
date: Sun, 15 Sep 2019 14:09:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 14 Sep 2020 13:17:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5177
date: Sun, 15 Sep 2019 12:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sun, 15 Sep 2019 14:43:33 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forforumotion-vi/ 64 KB
18 KB 80ms
57ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 341c18f0561ecad04421132132fdd7306fa3134f65aa6e7e4a0a8b78dd929051

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 7L.p.klH3dM9grh.mNQTo9hZBR7XkSI8
Content-Encoding: gzip
ETag: "1738146ca3e16eae031224532cfa1eb7"
Age: 31
X-Cache: HIT
Connection: keep-alive
Content-Length: 17615
x-amz-id-2: bRB13n5I4YdHWkx2/PopyfQh6NPhhr40Qd3tO6aho3nHh+ehEnuNAKGI9FPtTZfdIhWsSBVfuR0=
X-Served-By: cache-fra19122-FRA
Last-Modified: Wed, 11 Sep 2019 14:55:29 GMT
Server: AmazonS3
X-Timer: S1568556590.432280,VS0,VE0
Date: Sun, 15 Sep 2019 14:09:50 GMT
Vary: Accept-Encoding
x-amz-request-id: 94BFC363E5667429
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 61
X-Cache-Hits: 1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
212 B 58ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=68&profileId=206&cb=80873780818
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: http://nhadat.forum.st
date: Sun, 15 Sep 2019 14:09:50 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ 264 KB
92 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 1405908
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 94196
x-xss-protection: 0
expires: Sat, 29 Aug 2020 07:38:02 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 7122
date: Sun, 15 Sep 2019 12:11:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17168
expires: Sun, 15 Sep 2019 14:11:08 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found mudim-0.8-r126.js
mudim.googlecode.com/files/ 0
0 16ms
14ms Script
text/html 2a00:1450:400c:c0b::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://mudim.googlecode.com/files/mudim-0.8-r126.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0b::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 bg_header.gif
illiweb.com/fa/prosilver/ 682 B
766 B 15ms
12ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/bg_header.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1165540
status: 200
content-length: 682
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dc00c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 corners_left.gif
illiweb.com/fa/prosilver/ 55 B
139 B 12ms
9ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/corners_left.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10583273
status: 200
content-length: 55
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dc01c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 corners_right.gif
illiweb.com/fa/prosilver/ 54 B
161 B 15ms
12ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/corners_right.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19030085
status: 200
content-length: 54
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:00:36 GMT
server: cloudflare
etag: "5739a854-36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e41dc04c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nhadat.forum.st

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nhadat.forum.st

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ 222 KB
82 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/ Frame C85C 0
0 11ms
5ms Document
text/html 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190911/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 12 Sep 2019 14:02:12 GMT
expires: Thu, 26 Sep 2019 14:02:12 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 259658
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=779803537&t=pageview&_s=1&dl=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&ul=en-us&de=UTF-8&dt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_gid=589297989.1568556590&gjid=318966253&_v=j79&z=1322580766
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_v=j79&z=1322580766
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_v=j79&z=1322580766&slf_rd=1&random=1045773227

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_v=j79&z=1322580766&slf_rd=1&random=1045773227

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1166616448.1568556590&jid=1260216464&_v=j79&z=1322580766&slf_rd=1&random=1045773227
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite_prosilver_navbar.png
illiweb.com/fa/ 3 KB
3 KB 15ms
15ms Image
image/png 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/sprite_prosilver_navbar.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18875457
status: 200
content-length: 2994
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:50 GMT
server: cloudflare
etag: "5739a89e-bb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e420cb4c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H2 200 bg_button.gif
illiweb.com/fa/prosilver/ 174 B
285 B 16ms
16ms Image
image/gif 2606:4700:e2::ac40:8b18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/bg_button.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8b18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17896016
status: 200
content-length: 174
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e420cb8c2db-FRA
expires: Mon, 14 Sep 2020 14:09:50 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 57ms
37ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 09 Sep 2020 14:09:50 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 56ms
36ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 09 Sep 2020 14:09:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 13ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DA) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/40DA)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 all.js Show response
connect.facebook.net/vi_VI/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VI/all.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bd2d5b66b79ca6a0b08b66c2de940ab1305410c3f4b6ca44fe41daee300b9dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dBAC30LiKoxIfkdwkUhdqQ==
status: 200
content-length: 1779
etag: "b4f21563e3bb6fd797ce4bc52ee4b08d"
x-fb-debug: drBZWbUQ8KABMbGy+AhgIFRchnHlNO1q/B4WgxTho/FYLnN++nRGivqCotY0Iq9MTPa4oeF2Vo8omh8G8bnJdw==
x-fb-trip-id: 420120009
x-fb-content-md5: ff92172863200b0a0949c346bf1da051
x-frame-options: DENY
date: Sun, 15 Sep 2019 14:09:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:29:18 GMT

GET
H2

200

i_icon_online.gif
hitsk.in/t/12/15/30/
Redirect Chain

http://hitsk.in/t/12/15/30/i_icon_online.gif
https://hitsk.in/t/12/15/30/i_icon_online.gif

5 KB
6 KB

16ms
15ms

Image
image/gif

2606:4700:30::6818:797c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_icon_online.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:797c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8290b8ae9591719ec9f329dd17790a6b7e633ebd941deca3467285b97e3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32
status: 200
content-length: 5573
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 15:49:48 GMT
server: cloudflare
etag: "4cc84a1c-15c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b2e43494d59b2-VIE
expires: Mon, 14 Sep 2020 14:09:50 GMT

Redirect headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Location: https://hitsk.in/t/12/15/30/i_icon_online.gif
Cache-Control: no-cache
Connection: keep-alive
CF-RAY: 516b2e425ba6cbac-VIE
Content-Length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9045 40 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31e593abc6816947d026fb60acb36b207d826a08b0d26c2e00cdce040d94dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 384 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FAFA 40 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 947 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 112B 40 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 100 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame B2B5 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 12 Sep 2020 21:59:33 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: QLVhFGDSCP5+LvocwwXSnO8csHowjRRQT1crSmzQh3rSvoas/8/2rz4kW7SdA3qJxfIPMCRB1ENRofN7PBLihA==
content-length: 11795
x-fb-trip-id: 420120009
date: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=148640031&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=148640031&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%...

35 B
101 B

14ms
14ms

Image
image/gif

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=148640031&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590524&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1629915341&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:09:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=148640031&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590524&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1629915341&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1048753070&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1048753070&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A...

35 B
99 B

6ms
6ms

Image
image/gif

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1048753070&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590527&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 19:43:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1016806
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1048753070&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&utmhid=779803537&utmr=-&utmp=%2Ft91829-topic&utmht=1568556590527&utmac=UA-26327096-1&utmcc=__utma%3D258443733.1166616448.1568556590.1568556591.1568556591.1%3B%2B__utmz%3D258443733.1568556591.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0AAE 0
0 28ms
27ms Document
text/html 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568556590&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1568556590380&bpp=4&bdt=262&fdt=155&idt=155&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2848384744667&frm=20&pv=2&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=779803537&ga_fc=1&iag=0&icsg=562949953593856&dssz=62&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568556590&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1568556590380&bpp=4&bdt=262&fdt=155&idt=155&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2848384744667&frm=20&pv=2&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=779803537&ga_fc=1&iag=0&icsg=562949953593856&dssz=62&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 15 Sep 2019 14:09:50 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 15-Sep-2019 14:24:50 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Sun, 15 Sep 2019 14:09:50 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 33ms
20ms Script
text/javascript 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1703695
CF-RAY: 516b2e432f57cbd0-VIE
Connection: keep-alive
Content-Length: 27531
x-amz-id-2: QQEpphTl7TxKUL6dQMqJ/Q57rCsnyZunZv5Vk6t1uzRmKAfzGf4hFzJt65dol/WwwvmfCmRIcnw=
Last-Modified: Mon, 29 Jul 2019 20:54:38 GMT
Server: cloudflare
ETag: "bdefbb6abea5b94d18f16f50ec3ebaae"
Vary: Accept-Encoding
x-amz-request-id: 4E5EC98B2C1F3F7D
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Sun, 15 Sep 2019 14:39:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
822 B 36ms
15ms Font
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
Origin: http://nhadat.forum.st
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 15 Sep 2019 14:09:50 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 15 Sep 2019 14:09:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 32F5 0
0 52ms
51ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft91829-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft91829-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 3+eNd7YpO+XcIbQt0J/14iGXTlXtsPPJM40LB9qQT1ZliP4OS/SARYR4iEqE4vgfx17KkB9HLyMjRPxUnIh2vQ==
date: Sun, 15 Sep 2019 14:09:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?_=1568556590578
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A1) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/41A1)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 31ms
30ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=350870611723837&input_token&origin=1&redirect_uri=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
content-length: 0
pragma: no-cache
x-fb-debug: YOT4x52d6oLLH9AjjNkzLveJHhv+L7yOwLBi+8e2Q4wcAhyit4RQyXfpFrQ3AC66n+LRJDt+ctK6udNn6eDEeA==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Sun, 15 Sep 2019 14:09:50 GMT
x-frame-options: DENY
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 68ms
37ms Script
application/javascript 2606:4700:30::681c:1e2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1e2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5866
cf-polished: origSize=5437
status: 200
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"5d653880-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 516b2e435f7ccbbc-VIE
expires: Mon, 16 Sep 2019 14:09:50 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/forumotion/ 166 B
373 B 42ms
40ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/forumotion/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
surrogate-key: forumotion
server: Jetty(9.4.8.v20180619)
etag: 659743217
cache-tag: forumotion
status: 200
cache-control: public, max-age=16, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 166

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 14A4 0
0 62ms
62ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1138d8025731f4%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff1124e0f6cffb3c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1138d8025731f4%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff1124e0f6cffb3c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 6nJWadotHkQC8SV10ITxVIuq/DTBqu1E57M+1naSTSSOsZJf7dRc2oTqmhrFjP9NFtCm+R4iColB7elE7eEROg==
date: Sun, 15 Sep 2019 14:09:50 GMT

GET
H/1.1 200
OK impl.20190911-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ 393 KB
112 KB 38ms
38ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Security: , ,
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Blzyav7I7Fqr90naydKIw6WeS8AJ8pk2
Content-Encoding: gzip
ETag: "46435c29fa55e5bb182a8089f8899af1"
Age: 18
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 113770
x-amz-id-2: FELoEKgaI/DrtIDrmVjST3PIPcoUFhciEGdu/rHoHou0MDpgtmL4Ttd8JmZIRzxAIZmtMmi1cm0=
X-Served-By: cache-fra19122-FRA
Last-Modified: Wed, 11 Sep 2019 13:41:59 GMT
Server: AmazonS3
X-Timer: S1568556591.635963,VS0,VE0
Date: Sun, 15 Sep 2019 14:09:50 GMT
Vary: Accept-Encoding
x-amz-request-id: 7C1E695CC51D6438
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 82
X-Cache-Hits: 86

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 305ms
284ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Mon, 16 Sep 2019 14:09:50 GMT

GET
H/1.1 200
OK widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html
platform.twitter.com/widgets/ Frame 3021 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=http%3A%2F%2Fnhadat.forum.st
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40F7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t91829-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:09:50 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40F7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9045 158 KB
58 KB 169ms
91ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js?21064551

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 9045 113 B
178 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FAFA 158 KB
58 KB 144ms
73ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame FAFA 113 B
175 B 14ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 112B 158 KB
59 KB 113ms
44ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 112B 113 B
175 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK button.fc9ebf951a9289ff2153fdd98b8fd4a4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fc9ebf951a9289ff2153fdd98b8fd4a4.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FB) /
Resource Hash: 713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:11:07 GMT
Server: ECS (fcn/40FB)
Etag: "0f356c4c57ab07dd2a1b3edb361aa130+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
551 B 23ms
22ms Image
image/gif 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=8.738095329883915
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 3
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 516b2e43e90bcbd0-VIE
x-amz-request-id: 17C4A8DE225C39CC
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
551 B 35ms
23ms Image
image/gif 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=8.738095329883915
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:50 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 3
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 516b2e43fd5e59b8-VIE
x-amz-request-id: 17C4A8DE225C39CC
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=

GET
H2 200 client.vi.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 116ms
40ms XHR
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.vi.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 19:33:54 GMT
server: nginx/1.15.8
status: 200
etag: W/"5d5c4b22-e76"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sun, 15 Sep 2019 14:09:50 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1664

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
platform.twitter.com/widgets/ Frame 945C 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A5) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t91829-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:09:50 GMT
Etag: "cc41d771a7f9110588318da4d5fb07f9+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A5)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12528

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
platform.twitter.com/widgets/ Frame 6B03 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D8) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t91829-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:09:50 GMT
Etag: "cc41d771a7f9110588318da4d5fb07f9+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41D8)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12528

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FAFA 4 KB
3 KB 201ms
200ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=66907247638416&correlator=2414048830493922&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21061863%2C21062725%2C21064520&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F3324476%2F300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1568556590&dt=1568556590867&dlt=1568556590499&idt=356&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=354&ady=1785&adk=3788786385&uci=z0aulyh6jr6&ifi=1&ifk=3350182160&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=1538527557&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7c6f50515f572b67d3aa7c9dfab1683a24a09d15521c6686a09b42823aa0b9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1994
x-xss-protection: 0
google-lineitem-id: 2378356
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237774710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FAFA 66 KB
25 KB 43ms
43ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame FAFA 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 112B 4 KB
2 KB 198ms
198ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2145008705592387&correlator=571225415613811&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064591&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F3324476%2F300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1568556590&dt=1568556590883&dlt=1568556590502&idt=375&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=718&ady=1785&adk=3788786385&uci=q5fnxhl5e2vo&ifi=1&ifk=3350182160&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=2127529606&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8afbaf1ede0aac711700778ba8583d233c16cf8c11e058d59fc6ab4053742558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2014
x-xss-protection: 0
google-lineitem-id: 2378356
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237774710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 112B 66 KB
25 KB 43ms
43ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 112B 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9045 4 KB
2 KB 326ms
325ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1320326856189268&correlator=3343283125787966&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064551%2C21062452%2C21064170%2C21064388&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F3324476%2F728x90-top&sz=728x90&eri=6&cookie_enabled=1&bc=23&lmt=1568556590&dt=1568556590902&dlt=1568556590464&idt=427&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=322&ady=488&adk=1505497364&uci=dlhspj8htjk9&ifi=1&ifk=527450665&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=1130891982&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js?21064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bf330aa965183616509e478ba1a7f179b02397e2fc8684921ee3f7699065f164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2187
x-xss-protection: 0
google-lineitem-id: 2395036
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 101399530636
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9045 66 KB
25 KB 45ms
44ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js?21064551

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js?21064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:50 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 9045 0
0

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568556590921&ns_c=UTF-8&cv=3.1&c8=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&c7=http%3A%...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568556590921&ns_c=UTF-8&cv=3.1&c8=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&c7=http%3A...

0
248 B

38ms
36ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568556590921&ns_c=UTF-8&cv=3.1&c8=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&c7=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&c9=
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568556590921&ns_c=UTF-8&cv=3.1&c8=B%C3%A1n%20%C4%91%E1%BA%A5t%20h%E1%BB%93%20tr%C3%A0m%20xuy%C3%AAn%20m%E1%BB%99c&c7=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&c9=
Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 8D57
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4187) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:09:51 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4187)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Sun, 15 Sep 2019 14:09:51 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Sun, 15 Sep 2019 14:09:51 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 7c813adde99d98e745d336fcfc378e87
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 119
x-transaction: 0019448600d1ec67
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame E3FB 0
0 28ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Sun, 15 Sep 2019 08:43:29 GMT
expires: Mon, 14 Sep 2020 08:43:29 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 19582
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAFA 77 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 2A8A 0
0 16ms
6ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t91829-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Sun, 15 Sep 2019 08:43:29 GMT
expires: Mon, 14 Sep 2020 08:43:29 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 19582
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 112B 77 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 339 B
1020 B 93ms
56ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 20c045729ee789ae579ce93a117a22eddf654e2385a0ac67b32955fac9aa9501

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 339
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 18A7 0
57 B 47ms
46ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-r2exEWfd9FPlAbN5uCQmj5rurks4D6PYqXKRQzABkvDqYgKXLXBTHslURtI_S7Ds2lZrrDAAVdofuUxaJA_MAEvzthOFTuZj9R3cSJAA1pVHdb-49-ORe7BIz1tLe9Qnc1pKLBBQ3C3Lg1DsuJieMpj-hODGlYnlQh3_bbzRnrVeMAMY4sRljXxat9osW-cJr6kkY_Y87mdLSH-TPpiLj-XRWtrHCgrVo-unz6phBpOp-MwIEy2zeZmtV0DicEI&sig=Cg0ArKJSzJ-184mNlMVaEAE&urlfix=1&adurl=

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:51 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 18A7 26 KB
8 KB 40ms
39ms Script
text/javascript 23.8.3.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js?21064551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.3.174 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-3-174.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:51 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=6290
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Sun, 15 Sep 2019 15:54:41 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18A7 78 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js?21064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29635
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9045 77 KB
29 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js?21064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
H/1.1

200
OK

tag.min.js Show response
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

43 KB
14 KB

12ms
6ms

Script
text/javascript

2600:9000:2057:7000:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:2057:7000:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 06 Sep 2019 22:23:21 GMT
Server: AmazonS3
Age: 2298
Date: Sun, 15 Sep 2019 13:32:51 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: R8-Ko67LyQUKsiZl7_3CPlv3fy23iYKJlB7_taKzSz6L1HGk7vx07g==

Redirect headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
http://ce.lijit.com/merge?pid=8008&3pid=ebd87084024bb024650118f1dfa8af3e

0
532 B

60ms
38ms

Image
text/html

72.251.249.14
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ce.lijit.com/merge?pid=8008&3pid=ebd87084024bb024650118f1dfa8af3e
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap1ams1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://ce.lijit.com/merge?pid=8008&3pid=ebd87084024bb024650118f1dfa8af3e
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 42 B
488 B 67ms
49ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: f7cf592c3a648adbf5baa57ebe538baba951ca626719d9513fc712e696461200

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 151162-2.js Show response
optimized-by.rubiconproject.com/a/11662/36432/ Frame 18A7 2 KB
2 KB 120ms
100ms Script
text/javascript 69.173.144.141
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/11662/36432/151162-2.js?&cb=0.7150934066368857&tk_st=1&rf=http%3A//nhadat.forum.st/t91829-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36432_2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Security: , ,
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: a29990295fe62dcf36197da8df3ce3fe5d27c8461dd9cac06ebc7d27b8d4fc3f

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=385
Content-Length: 928
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 530 B
977 B 67ms
52ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4f581b96549f8755e8e650141bc9424cf505e3b4a96f90fe0041e0f65bc8f610

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 530
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 40ms
40ms XHR
text/html 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
597 B 12ms
6ms XHR
application/json 2600:9000:2057:6e00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:2057:6e00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:19 GMT
Via: 1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront), 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 31
x-amzn-RequestId: 2e58970f-a8bb-4035-9182-9c3ab91bbf73
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56, FRA6-C1
x-amz-apigw-id: AD_igEdbSK4FeAg=
Content-Length: 23
X-Amz-Cf-Id: kopFqQQj-wqVxIgnIyX7xm-XH_5Nmyz8ZqaLJsFVLIN6AyviZmvlFg==

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 21ms
6ms Script
application/javascript 2600:9000:2057:e600:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:e600:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 09:35:05 GMT
server: AmazonS3
age: 879
date: Sun, 15 Sep 2019 13:55:13 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: jaEpNvltol5YKm6f_pAdBR0P7W4xa6PndQZeWRg5GowQFAhe5YBhuA==
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)

POST
H/1.1 202
Accepted inserted Show response
api.viglink.com/api/ 0
406 B 35ms
35ms XHR
text/plain 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/inserted
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 18A7 41 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36432/151162-2.js?&cb=0.7150934066368857&tk_st=1&rf=http%3A//nhadat.forum.st/t91829-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36432_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a55cd6ac476adf475714e621d8a8c3eedff93c7fa90698dc80179bd5fae956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 353 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13176
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
H/1.1 200
OK 7cf90e36-65bb-4205-b723-6eb04d36641b
beacon-eu2.rubiconproject.com/beacon/d/ Frame 18A7 43 B
268 B 75ms
54ms Image
image/webp 69.173.144.155
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/7cf90e36-65bb-4205-b723-6eb04d36641b?oo=0&accountId=11662&siteId=36432&zoneId=151162&sizeId=2&e=6A1E40E384DA563BB3DB02EF2A1EB4D15B4618173B75AEB9B5BA1E0CA830C280924463D87F1608E033047D8316937A8BE4A9AFA6E089EF84BD7E53D087B64532A22230110ACC352B3E728AA336738FC01C45189F33B502F0956270D897C40F9B07A61D121EA4336FF782A36A5CC40F7CB1A7D9D35A9A062283009FDB9DE7981633F8630F2FDB6069
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: , ,
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:50 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 pubads_impl_2019090501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 18A7 159 KB
58 KB 43ms
42ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

1f948056b50b22854611638a2a293c1f4eb05e9b72c29b2e3f41eefabd789788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2019 13:05:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59665
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 18A7 113 B
175 B 16ms
16ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 36ms
35ms XHR
text/html 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:09:51 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 18A7 3 KB
2 KB 197ms
196ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1423641771966263&correlator=3813130735185938&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064552%2C21064526&vrg=2019090501&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie=ID%3D81e4627482a6a0f9%3AT%3D1568556590%3AS%3DALNI_Ma_C6efKvqiqxzK9_V7ERqmWAipxw&cdm=nhadat.forum.st&bc=23&lmt=1568556591&dt=1568556591557&dlt=1568556591257&idt=278&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=322&ady=488&adk=442451065&uci=w6pysgppvmp9&ifi=1&ifk=3537051449&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&top=nhadat.forum.st&dssz=10&icsg=90&mso=1&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1166616448.1568556590&ga_sid=1568556591&ga_hid=1199359898&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0e4ccdf93bc836b87c8309e3e05d0e43a999808f6fc78076a5ed22e3cf915cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1841
x-xss-protection: 0
google-lineitem-id: 227269977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 80630180577
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 18A7 63 KB
24 KB 46ms
45ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4021f17f04d1808610fd53096d9a57e97d86a7d8c94cd86b970640c4f99a70c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2019 13:05:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24375
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 18A7 0
0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 1411 0
0 118ms
40ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t91829-topic
Accept-Encoding: gzip, deflate, br
Cookie: khaos=K0L23FV6-18-WPT; rsid=1|Bcy8MVRC7ODdRTOg1ss9JhXtu58fJrGXvHdRGdGfflUb8MzBUmLjR8SYYdWKiObOR3Pz/D+4CT3teUmnRib/RTSi8WxX1W0O+i8xat3aC097/wWnYPMdYvqpGPCHYzCUAaSYkhNgUzPw0vw2ZKBWw/V7Vauefz+Q; ses2=36432^1; vis2=36432^1; audit=1|hLZGFuTafB1Xn7Tv5bzl/be6PYAK0FqvTQwmDE/H8ZVfCria4zb4zR0BKKXrPws8a5659H+SqPWAF7qA5WC/AGtQLX+YcKga
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7614
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=34000
Expires: Sun, 15 Sep 2019 23:36:31 GMT
Date: Sun, 15 Sep 2019 14:09:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 18A7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 337f2f350f4f7d63acf06b700e4683b5e02f3ddacb0e8db451648856fc2ac2bc

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame D9B8 0
57 B 46ms
46ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBPv49Ezpjpt2657G00Ikw7YATCUc926HmhBT-J8DTKKu0leBXnkSbVnjjOZS_VsTBOGtF4DFYtKKC6syaoai6QjLfO98X81TNsFDLQOcPSWN1y9vS_sv_cWZhBZ16Pt0wGJCt4q26wMSG_2sje4nl6T-3mJXliY6m-SZGL58nw3Qan8smYacWdFxu77IphI_KmQCGmNA13mPRUxYqiks5TXW6nM3q4PRFRtE5almJmOS0QbcJJI_K3PzWQ2TfwodakBCAnv9bzTplL0Pg&sig=Cg0ArKJSzKO2xcayG7gQEAE&urlfix=1&adurl=

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t91829-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:09:51 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame F6FC 0
0 139ms
33ms Document
text/html 34.249.204.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=609200477
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.204.108 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t91829-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t91829-topic

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:09:51 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 280
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9B8 78 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29635
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18A7 77 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:09:51 GMT

GET
DATA 200
OK truncated
/ Frame D9B8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b079d08890dd6ba7f99e385dfc053c5e6985b631786bc35ca49e4469d1e4d61b

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 18A7 42 B
178 B 15ms
14ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz4IDlFJE5vjZdo3nsdh5jwbqC0Mz3rWmfqPBx9RxOv9v3b6DBSu8MjiHBwypWExpXS50i2KcQSLKZOl2SiWj1kRAxMpyYO6gNlwbvGTU&sig=Cg0ArKJSzDI11Z3hGV1dEAE&adk=1505497364&tt=1361&bs=1585%2C1200&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&p=0,0,90,728&mcvt=1021&rs=3&ht=0&tfs=345&tls=1366&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=6&niot_cbk=26&md=2&lm=2&rst=1568556591262&rpt=318&isd=0&oseid=3&xdi=0&ps=1585%2C2648&ss=1600%2C1200&pt=7&bin=1&deb=1-1-1-9-14-8-16-13-0-0-0&tvt=1362&is=728%2C90&iframe_loc=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:09:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D9B8 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJb_7Hqj_VZynSf-u_4glCLBUTdtkYN_1XUmnaZsm9nsTTMvh8T8DwGenvgdnEJMDS8QckwOXYD0Q4khDhdrFycgG-m6keP0WUiaV9-MI&sig=Cg0ArKJSzAqrxp499ou2EAE&adk=442451065&tt=1131&bs=1585%2C1200&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&p=0,0,90,728&mcvt=1029&rs=3&ht=0&tfs=106&tls=1135&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=4&niot_cbk=8&md=2&lm=2&rst=1568556591778&rpt=132&isd=0&oseid=3&xdi=0&ps=1585%2C2648&ss=1600%2C1200&pt=5&bin=1&deb=1-1-1-14-12-6-15-11-0-0-0&tvt=1132&is=728%2C90&iframe_loc=http%3A%2F%2Fnhadat.forum.st%2Ft91829-topic&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:09:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
597 B 9ms
9ms XHR
application/json 2600:9000:2057:6e00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:2057:6e00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://nhadat.forum.st/t91829-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:19 GMT
Via: 1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront), 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 41
x-amzn-RequestId: 2e58970f-a8bb-4035-9182-9c3ab91bbf73
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56, FRA6-C1
x-amz-apigw-id: AD_igEdbSK4FeAg=
Content-Length: 23
X-Amz-Cf-Id: hXQ5MWUSPN742Z0EddawF0FHo4t172EumCI178IYbmdv0rosgLrziw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=2

Verdicts & Comments Add Verdict or Comment

371 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 05:52:12	Name: pux Value: 1512%3D85071%262249%3D85071%262307%3D85071%262861%3D85071%262974%3D85071%263778%3D85071%26goog%3D85071%26brx%3D85071%26
.rubiconproject.com/	1970-01-19 12:28:12	Name: audit Value: 1\|hLZGFuTafB1Xn7Tv5bzl/be6PYAK0FqvTQwmDE/H8ZVfCria4zb4zR0BKKXrPws8a5659H+SqPWAF7qA5WC/AGtQLX+YcKga
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|Bcy8MVRC7ODdRTOg1ss9JhXtu58fJrGXvHdRGdGfflUb8MzBUmLjR8SYYdWKiObOR3Pz/D+4CT3teUmnRib/RTSi8WxX1W0O+i8xat3aC097/wWnYPMdYvqpGPCHYzCUAaSYkhNgUzPw0vw2ZKBWw/V7Vauefz+Q
.rubiconproject.com/	1970-01-19 12:28:12	Name: khaos Value: K0L23FV6-18-WPT
nhadat.forum.st/	1970-01-19 13:12:50	Name: __atuvc Value: 1%7C38
.forum.st/	1970-01-19 21:13:48	Name: __gads Value: ID=81e4627482a6a0f9:T=1568556590:S=ALNI_Ma_C6efKvqiqxzK9_V7ERqmWAipxw
.nhadat.forum.st/	1970-01-19 03:42:37	Name: __utmt Value: 1
.nhadat.forum.st/	1970-01-19 03:42:38	Name: __utmb Value: 258443733.2.10.1568556591
nhadat.forum.st/	1970-01-19 03:42:38	Name: __atuvs Value: 5d7e462ef1a8a015000
.forum.st/	1970-01-19 03:42:36	Name: _gat_gtag_UA_144347007_1 Value: 1
.nhadat.forum.st/	1970-01-19 08:05:24	Name: __utmz Value: 258443733.1568556591.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.doubleclick.net/	1970-01-19 13:04:12	Name: IDE Value: AHWqTUlxuvw85SktDOCnihTVSuJ10bG2HoM1mIsbQPluNYCY4FiFm_RT3VakceOr
.nhadat.forum.st/	1969-12-31 23:59:59	Name: __utmc Value: 258443733
.nhadat.forum.st/	1970-01-19 21:13:48	Name: __utma Value: 258443733.1166616448.1568556590.1568556591.1568556591.1
.rubiconproject.com/	1970-01-19 03:43:37	Name: vis2 Value: 36432^1
.forum.st/	1970-01-19 21:13:48	Name: _ga Value: GA1.2.1166616448.1568556590
.rubiconproject.com/	1970-01-19 03:43:37	Name: ses2 Value: 36432^1
.forum.st/	1970-01-19 03:44:02	Name: _gid Value: GA1.2.589297989.1568556590
.nhadat.forum.st/	1970-01-19 04:04:12	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://nhadat.forum.st/t91829-topic(Line 20) Message: {"w":1600,"h":1200}
console-api	log	URL: http://nhadat.forum.st/t91829-topic(Line 155) Message: Failed to register service worker.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.viglink.com
b.a2gw.com
b.scorecardresearch.com
beacon-eu2.rubiconproject.com
beacon.s-onetag.com
bidder.criteo.com
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
connect.facebook.net
connect.topicit.net
eus.rubiconproject.com
fonts.googleapis.com
get.s-onetag.com
googleads.g.doubleclick.net
hitsk.in
i.servimg.com
illiweb.com
mudim.googlecode.com
nhadat.forum.st
onetag-geo.s-onetag.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
remitano.com
s7.addthis.com
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sonsochu.com.vn
tpc.googlesyndication.com
103.74.123.4
104.111.230.142
104.244.42.72
151.101.14.2
178.250.0.130
178.250.0.165
178.33.44.177
2.16.186.80
216.58.206.2
216.58.210.2
23.210.248.44
23.8.3.174
2600:9000:2057:6e00:5:ae3a:ba00:93a1
2600:9000:2057:7000:1f:287:d20a:ce1
2600:9000:2057:e600:5:9a4c:9b00:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:18fa
2606:4700:30::6812:3907
2606:4700:30::6818:797c
2606:4700:30::681c:1e2
2606:4700::6810:a20d
2606:4700:e2::ac40:8b18
2a00:1450:4001:806::200a
2a00:1450:4001:817::2003
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:825::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c06::9a
2a00:1450:400c:c0b::52
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.249.204.108
69.173.144.141
69.173.144.155
72.251.249.14
99.80.15.126
01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee
0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c
0e4ccdf93bc836b87c8309e3e05d0e43a999808f6fc78076a5ed22e3cf915cdf
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a
1b41fda21beefc30d61f983ea8764572e82499e3bd7ccf1d25ee0701b3acb79f
1c78642b1b256f276db999a53f10c1c638abc3d01f31aadd48894c18d4bc215f
1f948056b50b22854611638a2a293c1f4eb05e9b72c29b2e3f41eefabd789788
20c045729ee789ae579ce93a117a22eddf654e2385a0ac67b32955fac9aa9501
21fdee7b0b8fe6e50ae8757d088eec9d41f83e2e6b1fafd73dea3deb5452c81e
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b
2a2ac2019375eb1e51e20fdd63a65eb9c94964a8da0633fe76718d6d0c7decff
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
2c8290b8ae9591719ec9f329dd17790a6b7e633ebd941deca3467285b97e3f5d
2d8b76ce721e4684e231dce5ac0c227a4220a2c054c94613924835750824b544
2e8d6d0258b64b012f29f3c024e13342b70b49e5690640ef311d1b79efe1b4c9
2ea955cabe710b582d2dab5a5659f00c789af91e5a1fb8a1678e5cc69c82f107
31e593abc6816947d026fb60acb36b207d826a08b0d26c2e00cdce040d94dc38
337f2f350f4f7d63acf06b700e4683b5e02f3ddacb0e8db451648856fc2ac2bc
341c18f0561ecad04421132132fdd7306fa3134f65aa6e7e4a0a8b78dd929051
3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
4021f17f04d1808610fd53096d9a57e97d86a7d8c94cd86b970640c4f99a70c6
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49634ba201ae609a6a5935ce7c0a3c64b8515f5b8f7fafcf7ba9c0475f7a8a6c
4a25ffd0157934358e43303fb3d068256095cf6bc686fc8b1c72b39fe222e73d
4c989150dada9ab8cd2b204788e7f30ea067372f849833b9ead2938a096db9eb
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad
4f581b96549f8755e8e650141bc9424cf505e3b4a96f90fe0041e0f65bc8f610
5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21
5ef7a93fa3f7be107e4de1d65b50da318841b0f08bdeafff4a62277f17e7c6cc
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3
713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5
732c12aebb5b2bf8f7391cff1a38844f27453dd0b9f91369d7d120d6b1ad4964
794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca
79da493095f8897605de282590eb6f2746fe9a72a0d4c2a499b048565a04ede6
7c6f50515f572b67d3aa7c9dfab1683a24a09d15521c6686a09b42823aa0b9b1
80e452e1f9cc09e9f4afc6ea675ffd329c0c375af071ccd3dde49e9e3f8c3be0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aee7e72f173d63fbd15c24521847ab7d25f3a570d1bc132d5be26653bcedd8a
8afbaf1ede0aac711700778ba8583d233c16cf8c11e058d59fc6ab4053742558
913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631
a29990295fe62dcf36197da8df3ce3fe5d27c8461dd9cac06ebc7d27b8d4fc3f
a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc
a4b1ec13fc84d5296e1b1332ebff97d5e783238341bfc5adcec2e3d1631d7b09
a525e9410427b0509fe2214292dcf2f342dbaaaafe41a3eb33e3b6a28688f7f1
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b079d08890dd6ba7f99e385dfc053c5e6985b631786bc35ca49e4469d1e4d61b
b0a55cd6ac476adf475714e621d8a8c3eedff93c7fa90698dc80179bd5fae956
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55324a12c6a457bef25d9b69a12e32c82fcc4e4de60f327497a68e79faad754
bbdded36da71b3cd95ebcc0e44adca2e2f6e92cfdf60635d94735a96308f48a2
bd2d5b66b79ca6a0b08b66c2de940ab1305410c3f4b6ca44fe41daee300b9dc5
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
bf330aa965183616509e478ba1a7f179b02397e2fc8684921ee3f7699065f164
bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb
c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8
c2ce2107c4196e933dd1cb15b07adb3e8245a9e6b96066562c49033aacd239f0
c662377c5cb31fe72c72e0162b44a2cbf811720aab0a80d8cfc30aac9a1376e8
cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d1bd7d449c312e3f1395dade6040e69514b646a495051dbd87f6cff386239eec
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b
e70a5676138000a3c1c75120e9e961af1a97d62e28a5d02ce512fc54bd7b2380
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ec4fb05ff94d7a46463cf9920e089852f81ad10bdfd03b4f3741c88602ee00b4
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ed46ff2bc02a51fa12d7e3223b20001a4ed8cf5acfcbfc8e9786996745f0adcd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cf592c3a648adbf5baa57ebe538baba951ca626719d9513fc712e696461200
f8a7191079805b6be389342e5eb467379c3d47776b59d0d24c684b7fb82c4518
fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a
facb3e5741e7c0bdef290f3b75a5b221b30908330d428630e4bea4e1e7555ffa

nhadat.forum.st Open in urlscan Pro 178.33.44.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

138 Requests

75 %HTTPS

60 %IPv6

32 Domains

46 Subdomains

41 IPs

8 Countries

1710 kBTransfer

4459 kBSize

19 Cookies

11 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nhadat.forum.st Open in urlscan Pro
178.33.44.177 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

75 %
HTTPS

60 %
IPv6

32
Domains

46
Subdomains

41
IPs

8
Countries

1710 kB
Transfer

4459 kB
Size

19
Cookies

138 HTTP transactions
2 data transactions