nhadat.forum.st Open in urlscan Pro
178.33.44.177 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nhadat.forum.st/t92156-topic
Submission: On September 16 via manual (September 16th 2019, 5:49:44 am UTC) from VN

Summary HTTP 152 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 45 domains to perform 152 HTTP transactions. The main IP is 178.33.44.177, located in France and belongs to OVH, FR. The main domain is nhadat.forum.st.

This is the only time nhadat.forum.st was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	178.33.44.177 178.33.44.177	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2606:4700:e2:... 2606:4700:e2::ac40:8a18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
12	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2606:4700:30:... 2606:4700:30::6812:3907	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:400c:c0b::52	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	103.74.123.4 103.74.123.4	18403 (FPT-AS-AP...) (FPT-AS-AP The Corporation for Financing & Promoting Technology)
2	2606:4700:10:... 2606:4700:10::6814:17fa	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700:30:... 2606:4700:30::6818:787c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	202.182.98.49 202.182.98.49	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
1 4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 5	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:a30d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700:30:... 2606:4700:30::681c:e2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.108.40.167 104.108.40.167	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2 6	99.80.15.126 99.80.15.126	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
1	69.173.144.155 69.173.144.155	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2600:9000:20b... 2600:9000:20bb:7a00:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	136.243.51.138 136.243.51.138	24940 (HETZNER-AS) (HETZNER-AS)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	185.29.135.42 185.29.135.42	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 3	136.243.49.76 136.243.49.76	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:20b... 2600:9000:20bb:c200:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20b... 2600:9000:20bb:e200:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700::68... 2606:4700::6810:a827	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 4	195.216.249.67 195.216.249.67	47268 (ZANOX) (ZANOX)
1 1	85.10.231.199 85.10.231.199	24940 (HETZNER-AS) (HETZNER-AS)
2	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2	46.18.188.30 46.18.188.30	60220 (AFFILI) (AFFILI)
1	2600:9000:20b... 2600:9000:20bb:5c00:9:352d:a240:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	46.236.12.250 46.236.12.250	24931 (DEDIPOWER) (DEDIPOWER)
1	85.214.124.106 85.214.124.106	6724 (STRATO ST...) (STRATO STRATO AG)
1 2	172.217.21.198 172.217.21.198	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	13.32.222.166 13.32.222.166	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:819::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.16.143.160 52.16.143.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
152	57

2 178.33.44.177 (France)

ASN16276 (OVH, FR)

nhadat.forum.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:e2::ac40:8a18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:30::6812:3907 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::52 (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

mudim.googlecode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.74.123.4 (Viet Nam) 2 redirects

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
PTR: cp123004.bkns.com.vn

www.sonsochu.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:17fa (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

remitano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::6818:787c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.182.98.49 (Heiwajima, Japan)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 202.182.98.49.vultr.com

www.bandatnendongnai.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:e2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.40.167 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-40-167.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.15.126 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:7a00:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.51.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.51.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.42 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.49.76 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.76.49.243.136.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bb:c200:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:e200:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a827 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.11teamsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.216.249.67 (France) 2 redirects

ASN47268 (ZANOX, FR)

ad.zanox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.10.231.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-199.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.18.188.30 (Germany)

ASN60220 (AFFILI, DE)

banners.webmasterplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:5c00:9:352d:a240:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.236.12.250 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-12-250.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.214.124.106 (Berlin, Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: h2491987.stratoserver.net

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.198 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.222.166 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-166.fra56.r.cloudfront.net

d2hkbi3gan6yg6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.143.160 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-143-160.eu-west-1.compute.amazonaws.com

webgains.withcubed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	257 KB
14	servimg.com i.servimg.com	193 KB
13	illiweb.com illiweb.com	25 KB
9	viglink.com 2 redirects cdn.viglink.com api.viglink.com	33 KB
8	googletagservices.com www.googletagservices.com	182 KB
8	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	60 KB
7	mathtag.com 1 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	5 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	200 KB
5	google.de adservice.google.de www.google.de	1 KB
5	google-analytics.com 1 redirects www.google-analytics.com	35 KB
4	zanox.com 2 redirects ad.zanox.com	2 KB
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	6 KB
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com beacon.s-onetag.com	22 KB
4	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com	11 KB
4	facebook.com staticxx.facebook.com www.facebook.com
4	sonsochu.com.vn 2 redirects www.sonsochu.com.vn	211 B
3	webgains.com track.webgains.com diapi.webgains.com	15 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	addthis.com 1 redirects s7.addthis.com	115 KB
3	hitsk.in hitsk.in	2 KB
3	google.com 1 redirects www.google.com adservice.google.com	1 KB
3	criteo.net static.criteo.net	26 KB
3	facebook.net connect.facebook.net	60 KB
2	m-t.io w-it.m-t.io	238 B
2	webmasterplan.com banners.webmasterplan.com	1 KB
2	taboola.com cdn.taboola.com	130 KB
2	remitano.com remitano.com	55 KB
2	googlecode.com mudim.googlecode.com
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	forum.st nhadat.forum.st	71 KB
1	withcubed.com webgains.withcubed.com	674 B
1	cloudfront.net d2hkbi3gan6yg6.cloudfront.net	19 KB
1	congstar.de banner.congstar.de
1	webgains.io analytics.webgains.io	13 KB
1	media01.eu 1 redirects pb.media01.eu	970 B
1	11teamsports.com www.11teamsports.com
1	bluekai.com stags.bluekai.com	733 B
1	lijit.com ce.lijit.com	532 B
1	addthisedge.com v1.addthisedge.com	373 B
1	topicit.net connect.topicit.net	2 KB
1	gstatic.com www.gstatic.com	92 KB
1	criteo.com bidder.criteo.com	212 B
1	bandatnendongnai.vn www.bandatnendongnai.vn	244 KB
1	googleadservices.com partner.googleadservices.com	728 B
1	googletagmanager.com www.googletagmanager.com	26 KB
152	45

	Domain	Requested by
14	i.servimg.com	nhadat.forum.st
13	illiweb.com	nhadat.forum.st pagead2.googlesyndication.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net nhadat.forum.st
8	www.googletagservices.com	nhadat.forum.st pagead2.googlesyndication.com securepubads.g.doubleclick.net
7	platform.twitter.com	nhadat.forum.st ajax.googleapis.com platform.twitter.com
6	api.viglink.com	2 redirects cdn.viglink.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com nhadat.forum.st
4	ad.zanox.com	2 redirects hal90005.redintelligence.net nhadat.forum.st
4	pixel.mathtag.com	tags.mathtag.com nhadat.forum.st
4	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
4	www.sonsochu.com.vn	2 redirects nhadat.forum.st
4	pagead2.googlesyndication.com	nhadat.forum.st pagead2.googlesyndication.com
3	hal90005.redintelligence.net	1 redirects nhadat.forum.st
3	www.facebook.com	ajax.googleapis.com connect.facebook.net
3	cdn.viglink.com	nhadat.forum.st
3	b.scorecardresearch.com	1 redirects cdn.taboola.com nhadat.forum.st
3	s7.addthis.com	1 redirects nhadat.forum.st s7.addthis.com
3	hitsk.in	nhadat.forum.st
3	static.criteo.net	nhadat.forum.st
3	connect.facebook.net	nhadat.forum.st connect.facebook.net
2	w-it.m-t.io	analytics.webgains.io
2	ad.doubleclick.net	1 redirects nhadat.forum.st
2	banners.webmasterplan.com	hal90005.redintelligence.net banners.webmasterplan.com
2	track.webgains.com	nhadat.forum.st
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	cm.g.doubleclick.net	1 redirects nhadat.forum.st
2	tags.mathtag.com	optimized-by.rubiconproject.com tags.mathtag.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.taboola.com	nhadat.forum.st cdn.taboola.com
2	remitano.com	nhadat.forum.st
2	mudim.googlecode.com	nhadat.forum.st
2	www.google.com	1 redirects nhadat.forum.st
2	nhadat.forum.st	nhadat.forum.st
1	webgains.withcubed.com	d2hkbi3gan6yg6.cloudfront.net
1	d2hkbi3gan6yg6.cloudfront.net	analytics.webgains.io
1	eus.rubiconproject.com	nhadat.forum.st
1	banner.congstar.de	banners.webmasterplan.com
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	pb.media01.eu	1 redirects
1	www.11teamsports.com	hal90005.redintelligence.net
1	beacon.s-onetag.com	get.s-onetag.com
1	stags.bluekai.com	tags.mathtag.com
1	sync.mathtag.com	1 redirects
1	hal9000.redintelligence.net	nhadat.forum.st
1	ce.lijit.com	nhadat.forum.st
1	get.s-onetag.com	nhadat.forum.st
1	beacon-eu2.rubiconproject.com	optimized-by.rubiconproject.com
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	syndication.twitter.com	1 redirects
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	v1.addthisedge.com	s7.addthis.com
1	connect.topicit.net	nhadat.forum.st
1	fonts.googleapis.com	ajax.googleapis.com
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	nhadat.forum.st
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	www.bandatnendongnai.vn	nhadat.forum.st
1	partner.googleadservices.com	nhadat.forum.st
1	www.googletagmanager.com	nhadat.forum.st
1	ajax.googleapis.com	nhadat.forum.st
152	65

This site contains links to these domains. Also see Links.

Domain
louiscity.net
www.sonsochu.com.vn
www.ttc-group.vn
remitano.com
www.goldmarkcity136.vn
duanngoinhamoi.com
www.forumvi.com
help.forumotion.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2018-10-19` - `2019-10-19`	a year	crt.sh
caodangmientrung.com cPanel, Inc. Certification Authority	`2019-07-24` - `2019-10-22`	3 months	crt.sh
ssl516184.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
sni165043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-09` - `2020-03-17`	6 months	crt.sh
bandatnendongnai.vn COMODO RSA Domain Validation Secure Server CA	`2018-08-15` - `2020-08-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-06-06` - `2020-09-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
topicit.net CloudFlare Inc ECC CA-2	`2018-11-06` - `2019-11-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2018-01-26` - `2020-04-16`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-04-25`	a year	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh
11teamsports.com CloudFlare Inc ECC CA-2	`2019-02-11` - `2020-02-11`	a year	crt.sh
ad.zanox.com Thawte RSA CA 2018	`2019-06-17` - `2021-07-16`	2 years	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
banners.webmasterplan.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-02-21` - `2020-02-22`	2 years	crt.sh
*.webgains.io Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
*.congstar.de COMODO RSA Organization Validation Secure Server CA	`2017-10-24` - `2021-01-21`	3 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
w-it.m-t.io Let's Encrypt Authority X3	`2019-08-15` - `2019-11-13`	3 months	crt.sh

This page contains 23 frames:

Primary Page: http://nhadat.forum.st/t92156-topic
Frame ID: CE931DEC779925C34D50692FCF1919E4
Requests: 86 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js
Frame ID: 11274F2864A108CAFB954100C42C224C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html
Frame ID: A462728BF5ECE31A8FF2EA547191D9CE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: ED9231A2FE845F7EF3D293BC52C79156
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: DD167AA9A109F41BD0267EAD59302EBE
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 87D4EF1A3988D025E273ABEC53C5EDBA
Requests: 7 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: CC63B5C106FA9335685A65731D43A648
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568612966&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ea=0&flash=0&pra=5&wgl=1&dt=1568612966930&bpp=7&bdt=336&idt=167&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8368609802174&frm=20&pv=2&ga_vid=947736523.1568612967&ga_sid=1568612967&ga_hid=778057032&ga_fc=1&iag=0&icsg=172544&dssz=63&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040013%2C248427477%2C21061796&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=0.8148pjodwqth&fsb=1&dtd=185
Frame ID: A05AE64D5276FF09FF2A7B32E33F10AA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
Frame ID: 5DEF15CA4FA9FA11D3AD6A9FEEF8B4AE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df24f282c3108234%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff24b04559618998%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false
Frame ID: AA4033EDE89739ADF5DF20A1A9F95CBC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=http%3A%2F%2Fnhadat.forum.st
Frame ID: 6D4F4564617CA9E61A92B4DA4960CA88
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Frame ID: D5023687EB797CDBB44C52C7E3305C74
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Frame ID: CEDFD6233D9A89CC1AB8748CCF6DFF01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: 783185BFBA4A7A60C465EC23A53D61F1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUobUkBekZuiL9jJdg709Bs7RsoDRde1vMYuUX8eebUesukP070GOwmiuHWDacFz8Du5B0QAbyp08O_kTM9LEh9aW-ro-lo9a7jKKoTwMsqfOKkiL0Ov35dPkgO6tnrkS5OP8uWfnQrvDwdb7F6VniFCl5IBNfUP081W5m7I77s7HBnTyDDfeqq9DOPNDoTBSa4dnvF-jC9r19BgV4n0sOMcP0LEgntxx6VXEQLD855YkZKLOEbtx6yliHFFD2yw&sig=Cg0ArKJSzJ57SRdSegHPEAE&urlfix=1&adurl=
Frame ID: 1FCDF130930DB0BF940FE7176A5C0811
Requests: 28 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 640F581409F6C135E415F1D08D1431E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: 7B1499EAA528F6274CCD18AE0918F834
Requests: 1 HTTP requests in this frame

Frame: https://www.11teamsports.com/de-de/htlp-webgains
Frame ID: FE8191D841D8B5F842A9A755948349D5
Requests: 1 HTTP requests in this frame

Frame: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dyn_id=
Frame ID: DB57555A23FF4DFF5437D609F2AF4928
Requests: 1 HTTP requests in this frame

Frame: https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=41696300018865800951453010988005&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Frame ID: 8746A16AC8FABCD6A0F60F8E9B05D457
Requests: 1 HTTP requests in this frame

Frame: https://banner.congstar.de/cookie?afid=203506-41696300018865800951453010988005&affmt=1&affmn=1249
Frame ID: FD460B9E0AE6B77C2C95FF4CE49F3DA2
Requests: 1 HTTP requests in this frame

Frame: http://hal90005.redintelligence.net/request_content.php?s=41696300018865800951453010988005&a=72696b24
Frame ID: BE707DA61EE9F85F92B7D298FD7BF37D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0EE3051EB0B2E43AD6756C718DF2C806
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

152
Requests

76 %
HTTPS

47 %
IPv6

45
Domains

65
Subdomains

57
IPs

10
Countries

1934 kB
Transfer

4627 kB
Size

33
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://louiscity.net/

Search URL Search Domain Scan URL

URL: https://www.sonsochu.com.vn/

Search URL Search Domain Scan URL

URL: http://www.ttc-group.vn/trang-tuyen-dung#nhan-vien-kinh-doanh

Search URL Search Domain Scan URL

URL: https://remitano.com/vn?ref=dnn2018

Search URL Search Domain Scan URL

URL: http://www.goldmarkcity136.vn/

Search URL Search Domain Scan URL

URL: http://duanngoinhamoi.com/
Title: ngôi nhà mới

Search URL Search Domain Scan URL

URL: https://www.sonsochu.com.vn/dang-ky-mo-dai-ly-phan-phoi-son-sochu-nano-nhat-ban
Title: tìm đại lý phân phối sơn

Search URL Search Domain Scan URL

URL: http://www.forumvi.com/
Title: Free forum

Search URL Search Domain Scan URL

URL: https://www.forumvi.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banner1.png HTTP 302
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

Request Chain 33

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 37

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banners-2.png HTTP 302
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

Request Chain 45

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 61

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=778057032&t=pageview&_s=1&dl=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1475000715&gjid=1660414006&cid=947736523.1568612967&tid=UA-144347007-1&_gid=842361769.1568612967&_r=1&gtm=2ou941&z=1033275650 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_gid=842361769.1568612967&gjid=1660414006&_v=j79&z=1033275650 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_v=j79&z=1033275650 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_v=j79&z=1033275650&slf_rd=1&random=3468998517

Request Chain 68

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900947165&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967082&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1391576888&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900947165&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967082&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1391576888&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 69

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=748863774&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967087&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=748863774&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967087&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~

Request Chain 81

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568612967313&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568612967313&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9=

Request Chain 109

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 116

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 117

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=8a8d2a8b5f1a909090dc11c0db9d388b

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=ZmRiYzEwZTgtODMxMC1lNjgxLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJz6ysyBwpfhyoAkt16CCoU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XBtdfyJnSwG6pjaSjHV61g

Request Chain 126

http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 131

https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=41696300018865800951453010988005 HTTP 302
https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dt_subid2=&actionid=879111&produktid=postbankratenkredit&dt_url=https%3A%2F%2Fad.zanox.com%2Fppv%2Fimages%2Fonepixel.gif%3Ffoo%3D45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048 HTTP 301
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dyn_id=

Request Chain 133

https://ad.zanox.com/ppv/?45475836C666538628&zpar0=41696300018865800951453010988005 HTTP 302
https://ad.zanox.com/ppv/images/onepixel.gif

Request Chain 140

https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CPymktbS1OQCFVSuewod5mwEUA;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

152 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request t92156-topic Show response
nhadat.forum.st/ 65 KB
16 KB 220ms
200ms Document
text/html 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://nhadat.forum.st/t92156-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

159a70b8a1c5e98aa2f5e15fa34e792f05ee5d984ac93d0b7f61929a3f036b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Host: nhadat.forum.st
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Pragma: no-cache
Expires: Mon, 16 Sep 2019 00:00:00 GMT
Last-Modified: Mon, 16 Sep 2019 05:49:26 GMT
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Access-Control-Allow-Origin: *
X-Cache-NE: EXPIRED
Content-Encoding: gzip

GET
H/1.1 200
OK 0-ltr.css
nhadat.forum.st/ 151 KB
55 KB 233ms
213ms Stylesheet
text/css 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://nhadat.forum.st/0-ltr.css

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

HTTP/1.1

Security

, ,

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

02cacbeea77ab51ac15b735d9042374e4b18f653c7391a7ea6eec581bc41f17c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Sep 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 55838
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 12:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1791592
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Aug 2020 12:09:34 GMT

GET
H2 200 vi.js Show response
illiweb.com/rs3/51/frm/lang/ 70 KB
16 KB 96ms
16ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/lang/vi.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 402485
cf-polished: origSize=71234
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Mon, 09 Sep 2019 08:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Tue, 15 Sep 2020 05:49:26 GMT
cache-control: public, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 51708ea1dda6bed3-FRA
cf-bgj: minify

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 56ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

48b4a1029a115e27980be8feba2959c04ec72fed6cb89eea5310eb6ddf9f11cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PH2APe/JIguceKIEWQYcFg==
status: 200
vary: Accept-Encoding
content-length: 1780
x-fb-debug: G190KcERYptj9zGaljLBXzhjs8z+Mo0QSYx/AvMfSCwgB9Wyfzq8qJqWDQXnGlVX/rcC0/3uvDswA5L3fdZI6w==
x-fb-trip-id: 420120009
x-fb-content-md5: 6b059ce03d1f67a6dd9f2f216b308206
etag: "6905d3eb700e3573118a880a731ba70a"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Sep 2019 05:54:56 GMT

GET
H2 200 fb_login.js Show response
illiweb.com/rs3/51/frm/ograph/ 2 KB
730 B 90ms
15ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/ograph/fb_login.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a25ffd0157934358e43303fb3d068256095cf6bc686fc8b1c72b39fe222e73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 402757
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51708ea1dda7bed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 ticker.css
illiweb.com/rs3/51/frm/jquery/ticker/ 388 B
618 B 84ms
12ms Stylesheet
text/css 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/ticker/ticker.css

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 402758
cf-polished: origSize=390
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
expires: Tue, 15 Sep 2020 05:49:26 GMT
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51708ea1dda3bed3-FRA
cf-bgj: minify

GET
H2 200 ticker.js Show response
illiweb.com/rs3/51/frm/jquery/ticker/ 7 KB
1 KB 87ms
17ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/ticker/ticker.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 402750
cf-polished: origSize=8803
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Tue, 15 Sep 2020 05:49:26 GMT
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 51708ea1dda8bed3-FRA
cf-bgj: minify

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 82 KB
25 KB 80ms
18ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
last-modified: Wed, 24 Jul 2019 22:21:06 GMT
server: nginx
etag: W/"5d38d9d2-14765"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 17 Sep 2019 05:49:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
26 KB 23ms
16ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d8b76ce721e4684e231dce5ac0c227a4220a2c054c94613924835750824b544

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26911
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/51/frm/jquery/cookie/ 1011 B
512 B 80ms
12ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 402758
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51708ea1dda9bed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
618 B 23ms
18ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 448
x-xss-protection: 1; mode=block
expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 96 KB
35 KB 58ms
22ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea955cabe710b582d2dab5a5659f00c789af91e5a1fb8a1678e5cc69c82f107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 16 Sep 2019 05:49:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13665209909426514778
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35377
X-XSS-Protection: 0
Expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H2 200 okok0110.gif
i.servimg.com/u/f49/16/89/24/22/ 62 KB
62 KB 86ms
18ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/okok0110.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55324a12c6a457bef25d9b69a12e32c82fcc4e4de60f327497a68e79faad754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 62979
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-f603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea1efa95976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H/1.1 404
Not Found mudim-0.8-r126.js
mudim.googlecode.com/files/ 0
0 30ms
14ms Script
text/html 2a00:1450:400c:c0b::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://mudim.googlecode.com/files/mudim-0.8-r126.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0b::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
161 B 12ms
12ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17989627
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea22df9bed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 tranh_10.png
i.servimg.com/u/f49/16/89/24/22/ 817 B
927 B 16ms
16ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tranh_10.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c989150dada9ab8cd2b204788e7f30ea067372f849833b9ead2938a096db9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 817
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea24fd25976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 dien_d13.png
i.servimg.com/u/f49/16/89/24/22/ 811 B
889 B 16ms
16ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dien_d13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1ec13fc84d5296e1b1332ebff97d5e783238341bfc5adcec2e3d1631d7b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 811
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-32b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea26fdf5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 tro_gi13.png
i.servimg.com/u/f49/16/89/24/22/ 750 B
828 B 16ms
16ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tro_gi13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1bd7d449c312e3f1395dade6040e69514b646a495051dbd87f6cff386239eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 750
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-2ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea27fe55976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 tim_ki13.png
i.servimg.com/u/f49/16/89/24/22/ 685 B
763 B 16ms
16ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tim_ki13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec4fb05ff94d7a46463cf9920e089852f81ad10bdfd03b4f3741c88602ee00b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 685
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea28ff15976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 thanh_13.png
i.servimg.com/u/f49/16/89/24/22/ 789 B
868 B 19ms
19ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/thanh_13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a525e9410427b0509fe2214292dcf2f342dbaaaafe41a3eb33e3b6a28688f7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 789
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea28ffc5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 dang_k13.png
i.servimg.com/u/f49/16/89/24/22/ 860 B
939 B 16ms
16ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dang_k13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2ac2019375eb1e51e20fdd63a65eb9c94964a8da0633fe76718d6d0c7decff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 860
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-35c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea298085976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 dang_n13.png
i.servimg.com/u/f49/16/89/24/22/ 861 B
940 B 17ms
17ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dang_n13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef7a93fa3f7be107e4de1d65b50da318841b0f08bdeafff4a62277f17e7c6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 861
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea2a8135976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2

200

suspendedpage.cgi
www.sonsochu.com.vn/cgi-sys/
Redirect Chain

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banner1.png
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

0
0

272ms
271ms

Image
text/html

103.74.123.4
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.74.123.4 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS: cp123004.bkns.com.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Mon, 16 Sep 2019 05:49:26 GMT
server: LiteSpeed
status: 302
content-type: text/html
location: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length: 681

GET
H2 200 louis-10.gif
i.servimg.com/u/f11/16/90/56/73/ 18 KB
18 KB 17ms
17ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/louis-10.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c78642b1b256f276db999a53f10c1c638abc3d01f31aadd48894c18d4bc215f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 18171
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Aug 2017 10:41:03 GMT
server: cloudflare
etag: "598843bf-46fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea2c8245976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 21010110.gif
i.servimg.com/u/f11/16/90/56/73/ 18 KB
18 KB 16ms
15ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/21010110.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b41fda21beefc30d61f983ea8764572e82499e3bd7ccf1d25ee0701b3acb79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 18386
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Sep 2017 02:53:31 GMT
server: cloudflare
etag: "59b0b4ab-47d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea2e82c5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 remi970x90.png
remitano.com/banners/vn/ 29 KB
29 KB 622ms
563ms Image
image/png 2606:4700:10::6814:17fa
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://remitano.com/banners/vn/remi970x90.png
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:17fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c2ce2107c4196e933dd1cb15b07adb3e8245a9e6b96066562c49033aacd239f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Sep 2019 11:50:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7416-16d2a75d788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 51708ea37b488c86-VIE
content-length: 29718
expires: Mon, 16 Sep 2019 09:49:27 GMT

GET
H2 200 google_service.js Show response
partner.googleadservices.com/gampad/ 1 KB
728 B 21ms
5ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_service.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 373
x-xss-protection: 0
server: cafe
etag: 953604975598805376
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Sep 2019 06:13:10 GMT

GET
H2 200 i_down_arrow.gif
hitsk.in/t/12/15/30/ 357 B
800 B 178ms
16ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_down_arrow.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70a5676138000a3c1c75120e9e961af1a97d62e28a5d02ce512fc54bd7b2380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56409
status: 200
content-length: 357
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Aug 2008 14:51:53 GMT
server: cloudflare
etag: "48a44689-165"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea44ec1cbc8-VIE
expires: Tue, 15 Sep 2020 05:49:27 GMT

GET
H2 200 i_icon_minipost.gif
hitsk.in/t/11/16/45/ 790 B
892 B 180ms
19ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/11/16/45/i_icon_minipost.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

facb3e5741e7c0bdef290f3b75a5b221b30908330d428630e4bea4e1e7555ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56409
status: 200
content-length: 790
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 15:00:26 GMT
server: cloudflare
etag: "4cc83e8a-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea44ec2cbc8-VIE
expires: Tue, 15 Sep 2020 05:49:27 GMT

GET
H2 200 ban-dat-trang-bom-an-vien.jpg
www.bandatnendongnai.vn/wp-content/uploads/2019/04/ 243 KB
244 KB 806ms
262ms Image
image/jpeg 202.182.98.49
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandatnendongnai.vn/wp-content/uploads/2019/04/ban-dat-trang-bom-an-vien.jpg
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.182.98.49 Heiwajima, Japan, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 202.182.98.49.vultr.com
Software: Nginx / Bandatnendongnai
Resource Hash: 6868d74127ba9b30860f736c99cbdc77e7e4979a03d9028e525552b252d52143

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
last-modified: Thu, 18 Jul 2019 02:50:00 GMT
server: Nginx
x-powered-by: Bandatnendongnai
etag: "5d2fde58-3cc7c"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 248956
expires: Wed, 16 Oct 2019 05:49:27 GMT

GET
H2 200 newmem10.jpg
i.servimg.com/u/f73/12/53/31/94/ 1 KB
1 KB 26ms
21ms Image
image/jpeg 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f73/12/53/31/94/newmem10.jpg

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c662377c5cb31fe72c72e0162b44a2cbf811720aab0a80d8cfc30aac9a1376e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 1369
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Dec 2008 04:41:08 GMT
server: cloudflare
etag: "4934bc64-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea3485a5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 icon_user_profile_en.gif
illiweb.com/fa/subsilver3/ 659 B
768 B 14ms
9ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/subsilver3/icon_user_profile_en.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21fdee7b0b8fe6e50ae8757d088eec9d41f83e2e6b1fafd73dea3deb5452c81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19086128
status: 200
content-length: 659
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:02:05 GMT
server: cloudflare
etag: "5739a8ad-293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea34eeebed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 i_up_arrow.gif
hitsk.in/t/12/15/30/ 356 B
436 B 177ms
17ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_up_arrow.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aee7e72f173d63fbd15c24521847ab7d25f3a570d1bc132d5be26653bcedd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56409
status: 200
content-length: 356
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Aug 2008 14:51:53 GMT
server: cloudflare
etag: "48a44689-164"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea44ec3cbc8-VIE
expires: Tue, 15 Sep 2020 05:49:27 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

349 KB
113 KB

28ms
10ms

Script
application/javascript

23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 20:38:55 GMT
server: nginx/1.15.8
etag: "5d795b5f-5755d"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Mon, 16 Sep 2019 05:49:26 GMT
x-host: s7.addthis.com
content-length: 115051

Redirect headers

Date: Mon, 16 Sep 2019 05:49:26 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 icon_mini_search.gif
illiweb.com/fa/ 238 B
322 B 15ms
11ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/icon_mini_search.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17948471
status: 200
content-length: 238
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea34eefbed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 dien_d10.gif
i.servimg.com/u/f49/16/89/24/22/ 21 KB
21 KB 25ms
22ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dien_d10.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79da493095f8897605de282590eb6f2746fe9a72a0d4c2a499b048565a04ede6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 21600
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:46 GMT
server: cloudflare
etag: "5458c552-5460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea3485c5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 remi200x200.png
remitano.com/banners/vn/ 26 KB
26 KB 580ms
553ms Image
image/png 2606:4700:10::6814:17fa
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://remitano.com/banners/vn/remi200x200.png
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:17fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 80e452e1f9cc09e9f4afc6ea675ffd329c0c375af071ccd3dde49e9e3f8c3be0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Sep 2019 11:50:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6687-16d2a75d788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 51708ea37b498c86-VIE
content-length: 26247
expires: Mon, 16 Sep 2019 09:49:27 GMT

GET
H2

200

suspendedpage.cgi
www.sonsochu.com.vn/cgi-sys/
Redirect Chain

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banners-2.png
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

0
0

281ms
281ms

Image
text/html

103.74.123.4
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.74.123.4 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS: cp123004.bkns.com.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Mon, 16 Sep 2019 05:49:26 GMT
server: LiteSpeed
status: 302
content-type: text/html
location: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length: 681

GET
H2 200 louis-11.gif
i.servimg.com/u/f11/16/90/56/73/ 34 KB
34 KB 18ms
16ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/louis-11.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbdded36da71b3cd95ebcc0e44adca2e2f6e92cfdf60635d94735a96308f48a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 34551
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Aug 2017 10:43:43 GMT
server: cloudflare
etag: "5988445f-86f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea3485d5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 goldma10.jpg
i.servimg.com/u/f11/16/90/56/73/ 32 KB
32 KB 21ms
19ms Image
image/jpeg 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/goldma10.jpg

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed46ff2bc02a51fa12d7e3223b20001a4ed8cf5acfcbfc8e9786996745f0adcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56408
status: 200
content-length: 32680
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Aug 2017 10:02:38 GMT
server: cloudflare
etag: "5994183e-7fa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea3485e5976-VIE
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 188 KB
56 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js?hash=75a4486034f00b1ec26ba64bd51e3a80&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3a658ad501425052b292ef0c587fe2b280c2aeb4ec26aee2fe8c35195acfeea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
Origin: http://nhadat.forum.st
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2UXelKGrvi5bU2+7OvXI5Q==
status: 200
content-length: 56481
etag: "24b3cf47e19e53568431ae930cc5eea3"
x-fb-debug: TveqqzdA+CDDU5twzAs59QucN6mDN5n/E0vAzt6zIkuuqbn8CJUCLd7WqACEVSHn3QZlr3bt3e10hmFw9EXmnQ==
x-fb-trip-id: 420120009
x-fb-content-md5: ff34d28aedb6e145f84cd2bafa7f8e72
x-frame-options: DENY
date: Mon, 16 Sep 2019 05:49:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 15 Sep 2020 04:54:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3953
date: Mon, 16 Sep 2019 04:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Mon, 16 Sep 2019 06:43:33 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forforumotion-vi/ 64 KB
18 KB 14ms
7ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 341c18f0561ecad04421132132fdd7306fa3134f65aa6e7e4a0a8b78dd929051

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 7L.p.klH3dM9grh.mNQTo9hZBR7XkSI8
Content-Encoding: gzip
ETag: "1738146ca3e16eae031224532cfa1eb7"
Age: 140
X-Cache: HIT
Connection: keep-alive
Content-Length: 17615
x-amz-id-2: bRB13n5I4YdHWkx2/PopyfQh6NPhhr40Qd3tO6aho3nHh+ehEnuNAKGI9FPtTZfdIhWsSBVfuR0=
X-Served-By: cache-fra19132-FRA
Last-Modified: Wed, 11 Sep 2019 14:55:29 GMT
Server: AmazonS3
X-Timer: S1568612967.931900,VS0,VE1
Date: Mon, 16 Sep 2019 05:49:26 GMT
Vary: Accept-Encoding
x-amz-request-id: 94BFC363E5667429
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 94
X-Cache-Hits: 1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
212 B 78ms
65ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=68&profileId=206&cb=81120757397
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: http://nhadat.forum.st
Date: Mon, 16 Sep 2019 05:49:26 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Timing-Allow-Origin: *
Vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ 264 KB
92 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 1462284
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 94196
x-xss-protection: 0
expires: Sat, 29 Aug 2020 07:38:02 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5897
date: Mon, 16 Sep 2019 04:11:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17168
expires: Mon, 16 Sep 2019 06:11:09 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found mudim-0.8-r126.js
mudim.googlecode.com/files/ 0
0 15ms
14ms Script
text/html 2a00:1450:400c:c0b::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://mudim.googlecode.com/files/mudim-0.8-r126.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c0b::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 bg_header.gif
illiweb.com/fa/prosilver/ 682 B
766 B 10ms
9ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/bg_header.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1221916
status: 200
content-length: 682
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea34ee9bed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 corners_left.gif
illiweb.com/fa/prosilver/ 55 B
139 B 11ms
10ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/corners_left.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10639649
status: 200
content-length: 55
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea34eecbed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 corners_right.gif
illiweb.com/fa/prosilver/ 54 B
161 B 9ms
9ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/corners_right.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19086461
status: 200
content-length: 54
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:00:36 GMT
server: cloudflare
etag: "5739a854-36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea34eedbed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
476 B 38ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nhadat.forum.st

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nhadat.forum.st

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ 222 KB
82 KB 53ms
33ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 1127 222 KB
83 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/ Frame A462 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190911/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 12 Sep 2019 14:02:12 GMT
expires: Thu, 26 Sep 2019 14:02:12 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 316034
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 sprite_prosilver_navbar.png
illiweb.com/fa/ 3 KB
3 KB 10ms
8ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/sprite_prosilver_navbar.png

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18931833
status: 200
content-length: 2994
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:50 GMT
server: cloudflare
etag: "5739a89e-bb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea36f0abed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H2 200 bg_button.gif
illiweb.com/fa/prosilver/ 174 B
285 B 11ms
9ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/bg_button.gif

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17952392
status: 200
content-length: 174
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51708ea36f0cbed3-FRA
expires: Tue, 15 Sep 2020 05:49:26 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 29ms
15ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 10 Sep 2020 05:49:26 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 29ms
14ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:26 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 10 Sep 2020 05:49:26 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 13ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DF) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/40DF)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 all.js Show response
connect.facebook.net/vi_VI/ 3 KB
2 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VI/all.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c1d4399cd476fedb06b5540eb58e2fbc9e474f961015dcf5c69d9738f5bb46ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XXK4Z2N4xRej3af11ywXmg==
status: 200
content-length: 1777
etag: "fa572b80df53806735af3ad3a59506b1"
x-fb-debug: KUD4N9ri73bhcNQ00emkHmPwmKiWeIut/Tlw9bm8Yrjr9CEGZUgobiTfcIHxMqTk0gqjgL26tXsyP+l+ZG+d6Q==
x-fb-trip-id: 420120009
x-fb-content-md5: 10ab4ed42dc94996bebb36e471ea6f9f
x-frame-options: DENY
date: Mon, 16 Sep 2019 05:49:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Sep 2019 06:09:26 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=778057032&t=pageview&_s=1&dl=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_gid=842361769.1568612967&gjid=1660414006&_v=j79&z=1033275650
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_v=j79&z=1033275650
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_v=j79&z=1033275650&slf_rd=1&random=3468998517

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_v=j79&z=1033275650&slf_rd=1&random=3468998517

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=947736523.1568612967&jid=1475000715&_v=j79&z=1033275650&slf_rd=1&random=3468998517
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK impl.20190911-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ 393 KB
112 KB 6ms
5ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Security: , ,
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Blzyav7I7Fqr90naydKIw6WeS8AJ8pk2
Content-Encoding: gzip
ETag: "46435c29fa55e5bb182a8089f8899af1"
Age: 34
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 113770
x-amz-id-2: FELoEKgaI/DrtIDrmVjST3PIPcoUFhciEGdu/rHoHou0MDpgtmL4Ttd8JmZIRzxAIZmtMmi1cm0=
X-Served-By: cache-fra19132-FRA
Last-Modified: Wed, 11 Sep 2019 13:41:59 GMT
Server: AmazonS3
X-Timer: S1568612967.998268,VS0,VE0
Date: Mon, 16 Sep 2019 05:49:26 GMT
Vary: Accept-Encoding
x-amz-request-id: 7C1E695CC51D6438
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 49
X-Cache-Hits: 143

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 15ms
6ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Tue, 17 Sep 2019 05:49:27 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ED92 40 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5157c74ae444beef78edd3537ae7d89c520646b87186139f84496f6fb51a0f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "280 / 31 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12662
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DD16 41 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

76ae2a71f0853ebc2535d93b1e9c454a9f28617c168afed14329394a86ed766f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "280 / 469 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13175
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 87D4 41 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2e18c2a8149953fcc039ee711d6b160e3c66c9da9bc0cd5ecc5476b0032af9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "280 / 776 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13175
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame CC63 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=75a4486034f00b1ec26ba64bd51e3a80&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 12 Sep 2020 21:59:33 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: QLVhFGDSCP5+LvocwwXSnO8csHowjRRQT1crSmzQh3rSvoas/8/2rz4kW7SdA3qJxfIPMCRB1ENRofN7PBLihA==
content-length: 11795
x-fb-trip-id: 420120009
date: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900947165&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%A...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900947165&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%...

35 B
101 B

14ms
14ms

Image
image/gif

2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900947165&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967082&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1391576888&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900947165&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967082&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1391576888&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=748863774&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=748863774&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu...

35 B
99 B

6ms
6ms

Image
image/gif

2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=748863774&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967087&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 22:42:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1062389
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=748863774&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=778057032&utmr=-&utmp=%2Ft92156-topic&utmht=1568612967087&utmac=UA-26327096-1&utmcc=__utma%3D258443733.947736523.1568612967.1568612967.1568612967.1%3B%2B__utmz%3D258443733.1568612967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A05A 0
0 26ms
26ms Document
text/html 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568612966&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ea=0&flash=0&pra=5&wgl=1&dt=1568612966930&bpp=7&bdt=336&idt=167&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8368609802174&frm=20&pv=2&ga_vid=947736523.1568612967&ga_sid=1568612967&ga_hid=778057032&ga_fc=1&iag=0&icsg=172544&dssz=63&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040013%2C248427477%2C21061796&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=0.8148pjodwqth&fsb=1&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568612966&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ea=0&flash=0&pra=5&wgl=1&dt=1568612966930&bpp=7&bdt=336&idt=167&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8368609802174&frm=20&pv=2&ga_vid=947736523.1568612967&ga_sid=1568612967&ga_hid=778057032&ga_fc=1&iag=0&icsg=172544&dssz=63&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040013%2C248427477%2C21061796&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=0.8148pjodwqth&fsb=1&dtd=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Sep 2019 05:49:27 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Sep-2019 06:04:27 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Mon, 16 Sep 2019 05:49:27 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 32ms
19ms Script
text/javascript 2606:4700::6810:a30d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1760072
CF-RAY: 51708ea4afaccbc4-VIE
Connection: keep-alive
Content-Length: 27531
x-amz-id-2: QQEpphTl7TxKUL6dQMqJ/Q57rCsnyZunZv5Vk6t1uzRmKAfzGf4hFzJt65dol/WwwvmfCmRIcnw=
Last-Modified: Mon, 29 Jul 2019 20:54:38 GMT
Server: cloudflare
ETag: "bdefbb6abea5b94d18f16f50ec3ebaae"
Vary: Accept-Encoding
x-amz-request-id: 4E5EC98B2C1F3F7D
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 16 Sep 2019 06:19:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
822 B 47ms
27ms Font
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
Origin: http://nhadat.forum.st
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 16 Sep 2019 05:49:27 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 16 Sep 2019 05:49:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 5DEF 0
0 85ms
52ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: QmZKQNokiQNTDMOqzEP/3+hPWh5ajETItr/HbviLNyag4kfTl7sI3hLp29V7jyuvAS4xJfCj1vNizbdGADW9Sg==
date: Mon, 16 Sep 2019 05:49:27 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 43ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?_=1568612967153
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B5) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/40B5)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 62ms
31ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=350870611723837&input_token&origin=1&redirect_uri=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=75a4486034f00b1ec26ba64bd51e3a80&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
content-length: 0
pragma: no-cache
x-fb-debug: yQvjXZmEFpQb5A0gO3pxGWrff6DRsAunuWz9oqWDDEyf/q7DVTBNKvdd3FBk7Z95EY1QDIaMxp82D65RzVK6Zg==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Mon, 16 Sep 2019 05:49:27 GMT
x-frame-options: DENY
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 86ms
20ms Script
application/javascript 2606:4700:30::681c:e2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:e2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3915
cf-polished: origSize=5437
status: 200
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"5d653880-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 51708ea538a18cb6-VIE
expires: Tue, 17 Sep 2019 05:49:27 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/forumotion/ 166 B
373 B 178ms
176ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/forumotion/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
surrogate-key: forumotion
server: Jetty(9.4.8.v20180619)
etag: 659743217
cache-tag: forumotion
status: 200
cache-control: public, max-age=34, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 166

GET
H2 200 like.php
www.facebook.com/plugins/ Frame AA40 0
0 418ms
418ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df24f282c3108234%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff24b04559618998%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=75a4486034f00b1ec26ba64bd51e3a80&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df24f282c3108234%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff24b04559618998%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: egmPsXBaBh4aDb5iSld3u4/jTwVwmCu7emgHThfZPfU8tBLxhNhYMYJIDDTfPlyFJF+yUNyKGv2RqHjjF6CYOA==
date: Mon, 16 Sep 2019 05:49:27 GMT

GET
H/1.1 200
OK widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html
platform.twitter.com/widgets/ Frame 6D4F 0
0 43ms
42ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=http%3A%2F%2Fnhadat.forum.st
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 16 Sep 2019 05:49:27 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A3)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568612967313&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568612967313&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20...

0
248 B

6ms
6ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568612967313&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9=
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568612967313&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9=
Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ED92 158 KB
59 KB 35ms
15ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame ED92 113 B
178 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DD16 157 KB
58 KB 33ms
24ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59061
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame DD16 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 87D4 157 KB
58 KB 21ms
19ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59061
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 87D4 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 21ms
20ms Image
image/gif 2606:4700::6810:a30d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=1.323710334669981
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 11
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51708ea60a87cbc4-VIE
x-amz-request-id: 17C4A8DE225C39CC
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 37ms
25ms Image
image/gif 2606:4700::6810:a30d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=1.323710334669981
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 11
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51708ea6194759b2-VIE
x-amz-request-id: 17C4A8DE225C39CC
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=

GET
H2 200 client.vi.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 22ms
9ms XHR
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.vi.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 19:33:54 GMT
server: nginx/1.15.8
status: 200
etag: W/"5d5c4b22-e76"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Mon, 16 Sep 2019 05:49:27 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1664

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ED92 4 KB
2 KB 379ms
379ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2770580047204319&correlator=3262762203344110&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062818%2C21064368&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190916&iu=%2F3324476%2F728x90-top&sz=728x90&eri=6&cookie_enabled=1&bc=23&lmt=1568612967&dt=1568612967390&dlt=1568612967006&idt=368&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=322&ady=488&adk=1505497364&uci=7ac45s2riuj8&ifi=1&ifk=2529259803&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=947736523.1568612967&ga_sid=1568612967&ga_hid=622297503&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

94a64f292945bcbae4770721450364470f6930dbf6016645cbcb06eb1e5d519c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2192
x-xss-protection: 0
google-lineitem-id: 2395396
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 101399525116
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ED92 66 KB
25 KB 14ms
13ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame ED92 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 87D4 9 KB
5 KB 288ms
288ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1970809483762099&correlator=1229400898619503&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064600%2C21064440&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190916&iu=%2F3324476%2F300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1568612967&dt=1568612967416&dlt=1568612967056&idt=348&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=718&ady=1562&adk=3788786385&uci=rg9tkgj3kxiv&ifi=1&ifk=3508167448&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=947736523.1568612967&ga_sid=1568612967&ga_hid=2101394476&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8a59fc01818cd00d57f63e26980280bf895bf0c4c7118697badcb1bf89f609c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4611
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 87D4 62 KB
24 KB 23ms
23ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js?21064600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24115
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 87D4 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DD16 4 KB
2 KB 392ms
391ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=788487736862941&correlator=1066982200110502&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064571%2C21061864%2C21062833%2C21063793%2C21064211%2C21064370%2C21064545&vrg=2019090901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190916&iu=%2F3324476%2F300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1568612967&dt=1568612967496&dlt=1568612967050&idt=429&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=354&ady=1562&adk=3788786385&uci=tlubiduvueqn&ifi=1&ifk=3508167448&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=947736523.1568612967&ga_sid=1568612967&ga_hid=573202590&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e884b3e21bb0b5367f826e6de44cdea745eb3e0a3b083b2da2ad7c49f5a33cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2018
x-xss-protection: 0
google-lineitem-id: 2378356
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237774710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DD16 62 KB
24 KB 45ms
44ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Sep 2019 13:07:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24115
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame DD16 0
0

GET
H/1.1 200
OK button.fc9ebf951a9289ff2153fdd98b8fd4a4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fc9ebf951a9289ff2153fdd98b8fd4a4.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:11:07 GMT
Server: ECS (fcn/40E6)
Etag: "0f356c4c57ab07dd2a1b3edb361aa130+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
platform.twitter.com/widgets/ Frame D502 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 16 Sep 2019 05:49:27 GMT
Etag: "cc41d771a7f9110588318da4d5fb07f9+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12528

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
platform.twitter.com/widgets/ Frame CEDF 0
0 15ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418A) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 16 Sep 2019 05:49:27 GMT
Etag: "cc41d771a7f9110588318da4d5fb07f9+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/418A)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12528

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 7831 0
0 30ms
10ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Thu, 12 Sep 2019 17:35:26 GMT
expires: Fri, 11 Sep 2020 17:35:26 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 303241
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87D4 77 KB
29 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js?21064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 1FCD 0
64 B 18ms
17ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUobUkBekZuiL9jJdg709Bs7RsoDRde1vMYuUX8eebUesukP070GOwmiuHWDacFz8Du5B0QAbyp08O_kTM9LEh9aW-ro-lo9a7jKKoTwMsqfOKkiL0Ov35dPkgO6tnrkS5OP8uWfnQrvDwdb7F6VniFCl5IBNfUP081W5m7I77s7HBnTyDDfeqq9DOPNDoTBSa4dnvF-jC9r19BgV4n0sOMcP0LEgntxx6VXEQLD855YkZKLOEbtx6yliHFFD2yw&sig=Cg0ArKJSzJ57SRdSegHPEAE&urlfix=1&adurl=

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 05:49:27 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 1FCD 26 KB
8 KB 24ms
6ms Script
text/javascript 104.108.40.167
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.40.167 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-40-167.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2078
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Mon, 16 Sep 2019 06:24:05 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FCD 78 KB
29 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29635
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED92 77 KB
29 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 640F
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419D) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 16 Sep 2019 05:49:27 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419D)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 16 Sep 2019 05:49:27 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 16 Sep 2019 05:49:27 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: bd85d470815c66e07c61766392b9d88e
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 117
x-transaction: 008dda7c00f2414f
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK 151372-2.js Show response
optimized-by.rubiconproject.com/a/11662/36512/ Frame 1FCD 3 KB
3 KB 85ms
77ms Script
text/javascript 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/11662/36512/151372-2.js?&cb=0.036185983250738296&tk_st=1&rf=http%3A//nhadat.forum.st/t92156-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36512_2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Security: , ,
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f01dbfc1427e926e2b1e7f38a7046ec06d95e40d723154f2ce83e75172df9ccd

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=131
Content-Length: 1979
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 340 B
1021 B 70ms
43ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 087035ac616554cdce2604675ffd6812d616e75889ac6defc352760eedd4b7b9

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 340
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 7B14 0
0 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Thu, 12 Sep 2019 17:35:26 GMT
expires: Fri, 11 Sep 2020 17:35:26 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 303241
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD16 77 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 1FCD 2 KB
2 KB 44ms
29ms Script
application/x-javascript 185.29.133.208
MediaMath Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWm1SaVl6RXdaVGd0T0RNeE1DMWxOamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NDA0MjYyMTk0MTM4MjUzODMvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYW5wZDBfbzM0aW1uMzJrZEVqZFZQZy8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODQwNDI2MjE5NDEzODI1MzgzL3pyaC8wLzM1Ny8zMi85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1Njg2MTI5Njcv/4wVLdyj9y4tcGpSMJ3F4Uxj8000&nodeid=725&auctionid=3840426219413825383&exch=ruc&sid=4562355&cid=6622478&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F
Requested by: Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36512/151372-2.js?&cb=0.036185983250738296&tk_st=1&rf=http%3A//nhadat.forum.st/t92156-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36512_2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: MMBD/3.154.1 /
Resource Hash: d8ccc5f977b1e1ea66e780d67ef01d2499689809e10d5d237f7d1143a83eedd1

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1568612967
Last-Modified: Mon, 16 Sep 2019 05:49:27 GMT
Server: MMBD/3.154.1
x-mm-latency: 3 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: zrh-router-x40, zrh-bidder-x78
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H/1.1 200
OK 87178f81-e015-458f-a966-8840ed969677
beacon-eu2.rubiconproject.com/beacon/d/ Frame 1FCD 43 B
268 B 42ms
9ms Image
image/webp 69.173.144.155
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/87178f81-e015-458f-a966-8840ed969677?oo=0&accountId=11662&siteId=36512&zoneId=151372&sizeId=2&e=6A1E40E384DA563B0CDFD73E3603EEA154E11356754797CB135AE579EA0CD2EEA8FA511E0E58D1B0EC3C7FD436146C13172DB22D3B21A9B54ECEFD2FEC9A16E685A6F9CA9C698035510D6FB81D79FB27E581C7278562D885FD99DAC33F078020E95362172CF2D9E63C7277DA2DDEC24CB8AF48733E0490BADAD55DF1E769203C88035889FF981521987E695D9B0050C6D8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B873414C3451D6BFE1F21DEAB3EB1E976D53BE45C11C81FB81235FE60042111DF9AD8EFC9095A1DF1FB4620ACDF9CB6A8C8412EC3192328D16787564BED1DE5902D38940D47094D2BDD95FB8E54DFD88A113FAB791001CDAF5AB3E627CDF6374C1B28805D42597AE825BA76C2FBD9EC49A5FBC172FBA91775E6938C2B94BEF689F9046B1611E548DAD769F906FDD2F4FC6D69686FE89A90D1B30F984D56C8361623D888BD58682889188D1A1EDD315617F4E82C8DC099D34DAF7A4512289792C6D4D412D919DB7561D6D035A83E6F4D25F75F80E4DB370AA1A59B82BB21B430064CE82C8DC099D34DAF11EA0C268307A5A84BE0469B4098C398F564392DF702867AECAD5E03447294BB19E684AA7A7824AC06539B1106410B983E18C15FA2A590F72BE32183FC2C9DB83B08F20F681F7E7AE794E30949E5EBFD7D70377DD4EFD393C77669D7327B77ACA3D71F43F8BEE02DDC28B4D13A78E618368811991055DB6DB4DCFE85537E2727C51C40F6313CACA7DBAE68C3880EDC11AA22B9FFCB0C25546240B348FC26EBCF3CC4FA92AE7E271B835030A9B3B592E2CB80C29833A7591E83009FDB9DE7981686E98ECF3AF70751E9BE9703B537D7B5DE8ECD6645D88671BEEC4EC355D9D3B67A434B0144B22885C7B376701A172433
Requested by: Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36512/151372-2.js?&cb=0.036185983250738296&tk_st=1&rf=http%3A//nhadat.forum.st/t92156-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36512_2
Protocol: HTTP/1.1
Security: , ,
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

tag.min.js Show response
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

43 KB
14 KB

33ms
8ms

Script
text/javascript

2600:9000:20bb:7a00:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:20bb:7a00:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 06 Sep 2019 22:23:21 GMT
Server: AmazonS3
Age: 3034
Date: Mon, 16 Sep 2019 04:58:55 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 1136b0fc7377c6211173282a3992a814.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: QMqbIDficFa0pxaoNI13O71iCrqZZgdK0UluWwcwZRQHACAUQbnw4g==

Redirect headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
http://ce.lijit.com/merge?pid=8008&3pid=8a8d2a8b5f1a909090dc11c0db9d388b

0
532 B

26ms
12ms

Image
text/html

72.251.249.9
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ce.lijit.com/merge?pid=8008&3pid=8a8d2a8b5f1a909090dc11c0db9d388b
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap3ams1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://ce.lijit.com/merge?pid=8008&3pid=8a8d2a8b5f1a909090dc11c0db9d388b
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 42 B
488 B 40ms
28ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 7ea9d94a1c7467d45658f9fa4afffbe1799e63d4a43745970d71a0a0ea48b664

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 117 B
564 B 43ms
32ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 861f08c403bd73e27672943ed1bd3215b21323dcb5ae2bf3eb9a56f5317f3ebc

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 117
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dap2i2xhbauc Show response
hal9000.redintelligence.net/zone/ Frame 1FCD 10 KB
3 KB 4ms
2ms Script
text/html 136.243.51.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal9000.redintelligence.net/zone/dap2i2xhbauc?subid=&rnd=3840426219413825383&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 136.243.51.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.51.243.136.clients.your-server.de
Software: Apache /
Resource Hash: b817fa35ac19b0d4952dfa87263ea8565e433bc88906d142678fe96d5ffd6825

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2820
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 1FCD 43 B
360 B 21ms
19ms Image
image/gif 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=3840426219413825383&v3=651871&v4=4562355&v5=6622478&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWm1SaVl6RXdaVGd0T0RNeE1DMWxOamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NDA0MjYyMTk0MTM4MjUzODMvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYW5wZDBfbzM0aW1uMzJrZEVqZFZQZy8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODQwNDI2MjE5NDEzODI1MzgzL3pyaC8wLzM1Ny8zMi85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1Njg2MTI5Njcv/4wVLdyj9y4tcGpSMJ3F4Uxj8000&nodeid=725&auctionid=3840426219413825383&exch=ruc&sid=4562355&cid=6622478&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1684 2519bb0 master zrh-pixel-x16 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: MT3 1684 2519bb0 master zrh-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 1FCD 49 B
329 B 25ms
24ms Image
image/gif 185.29.133.208
MediaMath Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=3840426219413825383&st=4562355&time=1568612967&nodeid=725
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWm1SaVl6RXdaVGd0T0RNeE1DMWxOamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NDA0MjYyMTk0MTM4MjUzODMvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYW5wZDBfbzM0aW1uMzJrZEVqZFZQZy8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODQwNDI2MjE5NDEzODI1MzgzL3pyaC8wLzM1Ny8zMi85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1Njg2MTI5Njcv/4wVLdyj9y4tcGpSMJ3F4Uxj8000&nodeid=725&auctionid=3840426219413825383&exch=ruc&sid=4562355&cid=6622478&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: MMBD/3.154.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: MMBD/3.154.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x32, zrh-bidder-x78
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 16 Sep 2019 05:49:26 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 1FCD 597 B
921 B 33ms
22ms Script
text/javascript 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWm1SaVl6RXdaVGd0T0RNeE1DMWxOamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NDA0MjYyMTk0MTM4MjUzODMvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYW5wZDBfbzM0aW1uMzJrZEVqZFZQZy8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODQwNDI2MjE5NDEzODI1MzgzL3pyaC8wLzM1Ny8zMi85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1Njg2MTI5Njcv/4wVLdyj9y4tcGpSMJ3F4Uxj8000&nodeid=725&auctionid=3840426219413825383&exch=ruc&sid=4562355&cid=6622478&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1684 2519bb0 master zrh-pixel-x17 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: MT3 1684 2519bb0 master zrh-pixel-x17
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1FCD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=ZmRiYzEwZTgtODMxMC1lNjgxLTAwMDAtMDAwMDAwMDAwMDAw
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJz6ysyBwpfhyoAkt16CCoU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XBtdfyJnSwG6pjaSjHV61g

170 B
235 B

15ms
14ms

Image
image/png

216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XBtdfyJnSwG6pjaSjHV61g

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/png
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: MT3 1710 796a9e3 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XBtdfyJnSwG6pjaSjHV61g
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame 1FCD 62 B
733 B 176ms
153ms Image
image/gif 104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=fdbc10e8-8310-e681-0000-000000000000
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWm1SaVl6RXdaVGd0T0RNeE1DMWxOamd4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4NDA0MjYyMTk0MTM4MjUzODMvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sYW5wZDBfbzM0aW1uMzJrZEVqZFZQZy8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODQwNDI2MjE5NDEzODI1MzgzL3pyaC8wLzM1Ny8zMi85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1Njg2MTI5Njcv/4wVLdyj9y4tcGpSMJ3F4Uxj8000&nodeid=725&auctionid=3840426219413825383&exch=ruc&sid=4562355&cid=6622478&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.241.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 3d24
Content-Type: image/gif

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame 1FCD
Redirect Chain

http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clie...
http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clie...

3 KB
2 KB

63ms
61ms

Script
application/x-javascript

136.243.49.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 136.243.49.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.49.243.136.clients.your-server.de
Software: Apache /
Resource Hash: a4f696c9ca5cb7fe3126c2c5b7be9b48bfb0f1487f49982473ae73d05b003b5b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 41696300018865800951453010988005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1058
Expires: Mon, 16 Sep 2019 06:49:27 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 16 Sep 2019 06:49:27 +0200

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 61ms
61ms XHR
text/html 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
587 B 519ms
457ms XHR
application/json 2600:9000:20bb:c200:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:20bb:c200:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Via: 1.1 5755f825ee6ab59b8a6349608c249e4e.cloudfront.net (CloudFront), 1.1 d942ee6a387b745954972448a42def1c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA54, FRA56
x-amzn-RequestId: 2f06bd55-68d3-4072-b334-0ccdba692e8c
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: AGJQWFnsyK4FZSQ=
Content-Length: 23
X-Amz-Cf-Id: b9ECYuZqy79IsDh74lFdDRqLLf8XdijfkfFAOnukOZxy_JORbIGXTA==

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 55ms
35ms Script
application/javascript 2600:9000:20bb:e200:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:e200:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 09:35:05 GMT
server: AmazonS3
age: 2908
date: Mon, 16 Sep 2019 05:01:01 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA56
x-amz-cf-id: 9wxN-M1ca2Pkq8YTtIe8L32i2FHsk9XPcZN54eDS-sZ5p_suaSNmNA==
via: 1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)

GET
H2 200 htlp-webgains
www.11teamsports.com/de-de/ Frame FE81 0
0 52ms
51ms Document
text/html 2606:4700::6810:a827
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.11teamsports.com/de-de/htlp-webgains
Requested by: Host: hal90005.redintelligence.net
URL: http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a827 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.11teamsports.com
:scheme: https
:path: /de-de/htlp-webgains
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
cookie: wgPostView=true; __cfduid=da88c9b40bb725aa6cec8c85aaff10e031568612968
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
date: Mon, 16 Sep 2019 05:49:28 GMT
content-type: text/html
content-length: 0
set-cookie: wgPostView=true; Expires=Wed, 16 Oct 2019 05:49:28 GMT; Path='/';
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 51708eaaaf38cb98-VIE

GET
H/1.1

200
OK

onepixel.gif
ad.zanox.com/ppv/images/ Frame DB57
Redirect Chain

https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=41696300018865800951453010988005
https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dt_subid2=&actionid=879111&produ...
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dyn_id=

0
0

33ms
28ms

Document
image/gif

195.216.249.67
ZANOX

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dyn_id=
Requested by: Host: hal90005.redintelligence.net
URL: http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host: ad.zanox.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Cookie: zttpvc=5C39073S2608555801107074048T0II5C361914S2608555801107074048T0II45475836C0SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048; zptpvc=5C39073S2608555801107074048T0II5C361914S2608555801107074048T0II45475836C0SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Type: image/gif
Last-Modified: Thu, 04 May 2000 17:04:38 GMT
Accept-Ranges: bytes
ETag: "09764d4eab5bf1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox: https://www.zanox.com/jobs/international
Date: Mon, 16 Sep 2019 05:49:26 GMT
Content-Length: 43
Via: 10.30.0.112%1
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 16 Sep 2019 07:49:27 GMT
Location: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048&dyn_id=
Server: Microsoft-IIS/8.5
P3P: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
X-AspNet-Version: 4.0.30319
Set-Cookie: DTU=1390F2B6AB14A33B0D5E3C63357C64D0; expires=Thu, 16-Sep-2021 05:49:27 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Length: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 1FCD 11 KB
12 KB 197ms
119ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2919345&wgcampaignid=99582&js=1&clickref=41696300018865800951453010988005
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: a226a5955f45f6d21cebbbb7bec9839109cd6d783c8dd4db0c99d9e4ce3c95d7

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:28 GMT
Last-Modified: Mon, 16 Sep 2019 05:49:28 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

onepixel.gif
ad.zanox.com/ppv/images/ Frame 1FCD
Redirect Chain

https://ad.zanox.com/ppv/?45475836C666538628&zpar0=41696300018865800951453010988005
https://ad.zanox.com/ppv/images/onepixel.gif

43 B
460 B

77ms
28ms

Image
image/gif

195.216.249.67
ZANOX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.zanox.com/ppv/images/onepixel.gif
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:27 GMT
Via: 10.30.0.117%1
Last-Modified: Thu, 04 May 2000 17:04:38 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "09764d4eab5bf1:0"
Vary: Accept-Encoding
P3P: policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox: https://www.zanox.com/jobs/international
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:26 GMT
Via: 10.30.2.50%1
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
Location: https://ad.zanox.com/ppv/images/onepixel.gif
Cache-Control: no-store
Connection: close
Content-Length: 0
jobs-at-zanox: https://www.zanox.com/jobs/international

GET
H/1.1 200
OK view.asp Show response
banners.webmasterplan.com/ Frame 1FCD 1 KB
1 KB 76ms
17ms Script
application/x-javascript 46.18.188.30
AFFILI

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=41696300018865800951453010988005&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by: Host: hal90005.redintelligence.net
URL: http://hal90005.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=322763d28d&subid=&uid=9c08b1602b09652c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3840426219413825383%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D5c1b5d7f-2267-4b01-baa6-36928c757ad6%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F87178f81-e015-458f-a966-8840ed969677%2F%26redirect%3D&documentReferer=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ancestorOrigins=http%3A%2F%2Fnhadat.forum.st%2Chttp%3A%2F%2Fnhadat.forum.st&random=6042641983108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: aa98928f014a61c22a9ef7a2026f95f577b2ede1f529c7a95e75b8c241a50efa

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 4.0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="STP CUR OUR"
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 703
Expires: 0

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ Frame 1FCD 41 KB
13 KB 47ms
14ms Script
application/javascript 2600:9000:20bb:5c00:9:352d:a240:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2919345&wgcampaignid=99582&js=1&clickref=41696300018865800951453010988005
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:5c00:9:352d:a240:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9970450f215072b755a00767e2067a87113200382cebb96eb88ca9bbef5955a

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: FzZLIst7KjxZKMgTCkDkcmGg_qap7i1n
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 11:16:50 GMT
server: AmazonS3
age: 66386
date: Sun, 15 Sep 2019 11:27:51 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA56
x-amz-cf-id: FI8O4rASCfzOS066fXcj73M6I8Hqk9aW_6fF0E6ftsJQ9bqZ1AmQ2Q==
via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 1FCD 79 B
267 B 124ms
51ms Script
text/javascript 46.236.12.250
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=NOa44iFBBNlY5Du4UXuKrnZ2CI9XkPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6KkuJCjCBeipa2hvLG9mhORoVidPZW2AUMnGWVQdgMVQdgAYx92u2p.j.2UMnGWFfwMHDCQyG5me6sBLSsbXzU0l6sqKIrGfuzwg9wJ9wPEwHXXTSHCSPmtd0wVYPIG_qvoPfybYb5EvYTrYesS95raaKMPn0qxf7_OLgiPFMtrs1OeyjaY2rvwdqJ5RzlQdpOgkMpwoNSUC56MnGWpwoNN5uQ32SCVdVSF4Kq0puDhmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_2U.0Y.KI6Nsc2_3DqvtMsTnxMMsZPuVr914VecL57GY5BNv_urfs.3x1&wgcookie=%7B%22wgifp274615%22%3A%5B%2299582%22%2C%22274615%22%2C%222919345%22%2C%22%22%2C%221568612968%22%2C%22http%253A%252F%252Fnhadat.forum.st%252Ft92156-topic%22%2C%22%22%2C%22%22%2C%221576388968%22%2C%22%22%5D%7D&wgchecksum=2e645ede09c0cece2cd55200a4b2b44e&userIP=144.76.109.30&doAffectv=1&wgtime=1568612968
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2919345&wgcampaignid=99582&js=1&clickref=41696300018865800951453010988005
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.12.250 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-12-250.servers.dedipower.net
Software: Apache /
Resource Hash: 94bdeaea0d33cb654b89540e96e02fe28afceb1624d8ed58f7a43f3609fb4a17

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 1FCD 3 KB
3 KB 63ms
28ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=&wglinkid=2919345
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2019 05:49:28 GMT
Last-Modified: Mon, 16 Sep 2019 05:49:28 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK pvdi.aspx
banners.webmasterplan.com/ Frame 8746 0
0 27ms
27ms Document
text/html 46.18.188.30
AFFILI

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.webmasterplan.com/pvdi.aspx?ref=203506&js=1&site=4655&b=1249&subid=41696300018865800951453010988005&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Requested by: Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=41696300018865800951453010988005&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 46.18.188.30 , Germany, ASN60220 (AFFILI, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: banners.webmasterplan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Cookie: affili_0=uid=obj4oe1mblxd05jzeh2dhhba&date=2019-09-16T07:49:28; affili_4655pv=ref=203506&subid=41696300018865800951453010988005&date=2019-09-16&cltime=2019-09-16T07:49:28&oldcltime=2019-09-16T07:49:28&linkType=1&linkNb=1249&dt=9682623360FFC19EA2081B172E110C7043ACD715
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: 0
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
P3P: CP="STP CUR OUR"
X-Powered-By: ASP.NET
Date: Mon, 16 Sep 2019 05:49:27 GMT
Content-Length: 444

GET
H/1.1 200
200 Cookie set cookie
banner.congstar.de/ Frame FD46 0
0 27ms
27ms Document
text/html 85.214.124.106
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.congstar.de/cookie?afid=203506-41696300018865800951453010988005&affmt=1&affmn=1249
Requested by: Host: banners.webmasterplan.com
URL: https://banners.webmasterplan.com/view.asp?ref=203506&js=1&site=4655&b=1249&subid=41696300018865800951453010988005&target=_blank&title=congstar+-+Du+willst+es.+Du+kriegst+es.
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.214.124.106 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2491987.stratoserver.net
Software: /
Resource Hash

Request headers

Host: banner.congstar.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Cookie: staticentry=%7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-42159200025760100951393010988014%22%2C%22affmt%22%3A%221%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Set-Cookie: staticentry=%7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-41696300018865800951453010988005%22%2C%22affmt%22%3A%221%22%7D; Domain=.congstar.de; Expires=Mon, 23-Sep-2019 05:49:28 GMT; Path=/
Content-Length: 0
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
H2

200

B8594688.214760858;dc_pre=CPymktbS1OQCFVSuewod5mwEUA;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/ Frame 1FCD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CPymktbS1OQCFVSuewod5mwEUA;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_direct...

42 B
109 B

32ms
30ms

Image
image/gif

172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CPymktbS1OQCFVSuewod5mwEUA;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N38306.287239AFFILINET.DE/B8594688.214760858;dc_pre=CPymktbS1OQCFVSuewod5mwEUA;dc_trk_aid=413832474;dc_trk_cid=64219029;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php
hal90005.redintelligence.net/ Frame BE70 0
0 3ms
2ms Document
text/html 136.243.49.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hal90005.redintelligence.net/request_content.php?s=41696300018865800951453010988005&a=72696b24
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Server: 136.243.49.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.49.243.136.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90005.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 16 Sep 2019 06:49:28 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1354
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 0EE3 0
0 34ms
7ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Cookie: khaos=K0LZNS7W-1B-HB4K; rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKwL/tEgKgkFF9x4mVZDhR1578z/6X/8LU6/0VKHQMF//AbqBkxRgOUD0oqplIsc4qJs=; ses2=36512^1; vis2=36512^1; audit=1|hLZGFuTafB09eF0aWzeie+99qzxPzGzoZwuSYIfUVaYXyJdU9uGoHR0BKKXrPws8a5659H+SqPWAF7qA5WC/AGtQLX+YcKga
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7616
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=55320
Expires: Mon, 16 Sep 2019 21:11:28 GMT
Date: Mon, 16 Sep 2019 05:49:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 1FCD 43 B
457 B 70ms
70ms Image
image/gif 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1684 2519bb0 master zrh-pixel-x21 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: MT3 1684 2519bb0 master zrh-pixel-x21
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Sep 2019 05:49:27 GMT

GET
DATA 200
OK truncated
/ Frame 1FCD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d43b2341965ab8a10d557681faa694d5ff1718cf2ad113a51d6b6c4920d5f33d

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK visscore.tag.min.js Show response
d2hkbi3gan6yg6.cloudfront.net/ Frame 1FCD 60 KB
19 KB 27ms
11ms Script
application/javascript 13.32.222.166
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2hkbi3gan6yg6.cloudfront.net/visscore.tag.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 13.32.222.166 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-166.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6dd0c9fdb69daf68febaa88573dc153b87725f94a082913b83ab4382f70dec9a

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 10:41:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Aug 2019 10:11:42 GMT
Server: AmazonS3
Age: 69020
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: 8QrfBhZI0pAufNtgGddqFu6c160BbOMk5jh1oIzZlzyoHvf9wSol0A==

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 1FCD 58 B
160 B 78ms
50ms Script
application/javascript 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1568612968374
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 16938cbf4d7bd0e2306011ac170d859a638eaf9ed6adacf108d48bb86078e085

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Sep 2019 05:49:28 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
x-cloud-trace-context: 2ee2784cbf0f000f58715cdfb084dbb2
cache-control: private
content-length: 69

GET
H/1.1 200
OK r.js Show response
webgains.withcubed.com/ Frame 1FCD 303 B
674 B 85ms
40ms Script
application/javascript 52.16.143.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://webgains.withcubed.com/r.js?params=%7B%22aid%22%3A%22c-a-webgains-uk%22%2C%22vid%22%3A%22%22%2C%22sid%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22customer_id%22%3A%22%22%2C%22endpoint%22%3Anull%2C%22payload%22%3A%22%22%2C%22syncs%22%3A%5B%5D%2C%22labels%22%3A%5B%7B%22name%22%3A%22CUBEDRequestIds%22%2C%22type%22%3A%22string%22%2C%22string_value%22%3A%22v32.%3AEcZqBq1s%22%7D%5D%2C%22events%22%3A%5B%5D%2C%22full%22%3Afalse%7D
Requested by: Host: d2hkbi3gan6yg6.cloudfront.net
URL: http://d2hkbi3gan6yg6.cloudfront.net/visscore.tag.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 52.16.143.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-16-143-160.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: be438051245778807392c8c4393b97fc06926ea3ac29660db2b61e2b403b3cf2

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Length: 303
Content-Type: application/javascript

GET
H2 200 track Show response
w-it.m-t.io/ Frame 1FCD 0
78 B 25ms
25ms Script
application/javascript 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=99582&clickId=274615_99582_15686129681866_21d98235d2&programId=274615&expiry=1576388968&type=postview&indicator=77c0d399223919cbd9154436cbf2d5bd&
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
x-cloud-trace-context: a77ac6559e86fcbe5466321d03fe6cf1
server: Google Frontend
date: Mon, 16 Sep 2019 05:49:28 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1FCD 42 B
178 B 15ms
14ms Image
image/gif 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgM_imdC3L-sjEWCc0lgaIigzrVQe1-n9jRUinEmdwZ7XBKz-XE7tVlyGpvONYn6mPFA0wzYUm5C41piUT7nBe1HxzG9DOTrzupHRcP6o&sig=Cg0ArKJSzIKHGepm-qGXEAE&adk=1505497364&tt=1678&bs=1585%2C1200&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&p=0,0,90,728&mcvt=1014&rs=3&ht=0&tfs=669&tls=1683&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=5&niot_cbk=24&md=2&lm=2&rst=1568612967788&rpt=624&isd=0&oseid=3&xdi=0&ps=1585%2C2782&ss=1600%2C1200&pt=6&bin=1&deb=1-1-1-8-17-7-29-16-0-0-0&tvt=1679&is=728%2C90&iframe_loc=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&r=v&id=osdim&vs=4&uc=12&upc=11&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2019 05:49:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
595 B 10ms
10ms XHR
application/json 2600:9000:20bb:c200:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:20bb:c200:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:28 GMT
Via: 1.1 5755f825ee6ab59b8a6349608c249e4e.cloudfront.net (CloudFront), 1.1 d942ee6a387b745954972448a42def1c.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 10
x-amzn-RequestId: 2f06bd55-68d3-4072-b334-0ccdba692e8c
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA54, FRA56
x-amz-apigw-id: AGJQWFnsyK4FZSQ=
Content-Length: 23
X-Amz-Cf-Id: xnjIIwZJP2_yKadmSJUyp_w1K_Vsl0yr_MsgEU6PFwltwazEEGiL7Q==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 1FCD 43 B
589 B 45ms
44ms Image
image/gif 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1684 2519bb0 master zrh-pixel-x19 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Sep 2019 05:49:38 GMT
Server: MT3 1684 2519bb0 master zrh-pixel-x19
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Sep 2019 05:49:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Verdicts & Comments Add Verdict or Comment

367 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 05:53:08	Name: 8lcfmzhxc8d6_uid Value: 26c44750f270f774
eus.rubiconproject.com/	1970-01-19 05:53:08	Name: pux Value: 1512%3D85086%262249%3D85086%262307%3D85086%262861%3D85086%262974%3D85086%263778%3D85086%26brx%3D85086%26goog%3D85086%26
.rubiconproject.com/	1970-01-19 12:29:08	Name: audit Value: 1\|hLZGFuTafB09eF0aWzeie+99qzxPzGzoZwuSYIfUVaYXyJdU9uGoHR0BKKXrPws8a5659H+SqPWAF7qA5WC/AGtQLX+YcKga
.rubiconproject.com/	1970-01-19 03:44:59	Name: vis2 Value: 36512^1
.rubiconproject.com/	1970-01-19 12:29:08	Name: khaos Value: K0LZNS7W-1B-HB4K
.congstar.de/	1970-01-19 03:53:37	Name: staticentry Value: %7B%22affmn%22%3A%221249%22%2C%22afid%22%3A%22203506-41696300018865800951453010988005%22%2C%22affmt%22%3A%221%22%7D
.webmasterplan.com/	1970-01-19 03:53:37	Name: affili_4655pv Value: ref=203506&subid=41696300018865800951453010988005&date=2019-09-16&cltime=2019-09-16T07:49:28&oldcltime=2019-09-16T07:49:28&linkType=1&linkNb=1249&dt=9682623360FFC19EA2081B172E110C7043ACD715
.googlesyndication.com/	1969-12-31 23:59:59	Name: vscr_reqid Value: xR640ckq
.zanox.com/	1970-01-19 05:53:08	Name: zptpvc Value: 5C39073S2608555801107074048T0II5C361914S2608555801107074048T0II45475836C0SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048
.nhadat.forum.st/	1969-12-31 23:59:59	Name: __utmc Value: 258443733
.forum.st/	1970-01-19 03:43:33	Name: _gat_gtag_UA_144347007_1 Value: 1
.zanox.com/	1969-12-31 23:59:59	Name: zttpvc Value: 5C39073S2608555801107074048T0II5C361914S2608555801107074048T0II45475836C0SV1yq87397758032435045753821034658242yb5yb7T2608555801107074048
.webmasterplan.com/	1970-01-19 08:02:48	Name: affili_0 Value: uid=obj4oe1mblxd05jzeh2dhhba&date=2019-09-16T07:49:28
.forum.st/	1970-01-19 21:00:20	Name: vscr_vid Value: eb831f1ba32448a59a063de53a0a7453
.forum.st/	1970-01-19 03:43:34	Name: vscr_sid Value: 046c3c24c2a148e2990aeb5a78b8dec2
.nhadat.forum.st/	1970-01-19 04:05:08	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.forum.st/	1969-12-31 23:59:59	Name: vscr_reqid Value: EcZqBq1s
nhadat.forum.st/	1970-01-19 13:13:47	Name: __atuvc Value: 1%7C38
.forum.st/	1970-01-19 21:14:44	Name: __gads Value: ID=fef6e158f45d7ad4:T=1568612967:S=ALNI_MbW-o2JjvGshRApP24RmnoH4rY69g
.11teamsports.com/	1970-01-19 12:29:08	Name: __cfduid Value: da88c9b40bb725aa6cec8c85aaff10e031568612968
.nhadat.forum.st/	1970-01-19 03:43:33	Name: __utmt Value: 1
.nhadat.forum.st/	1970-01-19 03:43:34	Name: __utmb Value: 258443733.2.10.1568612967
nhadat.forum.st/	1970-01-19 03:43:34	Name: __atuvs Value: 5d7f2267d098b3f8000
.rubiconproject.com/	1970-01-19 03:44:59	Name: ses2 Value: 36512^1
.googlesyndication.com/	1970-01-19 21:00:20	Name: vscr_vid Value: c40678592dd94e96952a8ee19bbb7dc4
.googlesyndication.com/	1970-01-19 03:43:34	Name: vscr_sid Value: f5ea4b0f263d43eb86c56dc25de7b216
.nhadat.forum.st/	1970-01-19 08:06:20	Name: __utmz Value: 258443733.1568612967.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.doubleclick.net/	1970-01-19 13:05:08	Name: IDE Value: AHWqTUmLv1IxyGMMD5hQdQLVsEALe8hU3Q9s2T48O4X8eX5xnie2-1pxgAtuXgMB
.nhadat.forum.st/	1970-01-19 21:14:44	Name: __utma Value: 258443733.947736523.1568612967.1568612967.1568612967.1
www.11teamsports.com/de-de	1970-01-19 04:26:44	Name: wgPostView Value: true
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKwL/tEgKgkFF9x4mVZDhR1578z/6X/8LU6/0VKHQMF//AbqBkxRgOUD0oqplIsc4qJs=
.forum.st/	1970-01-19 21:14:44	Name: _ga Value: GA1.2.947736523.1568612967
.forum.st/	1970-01-19 03:44:59	Name: _gid Value: GA1.2.842361769.1568612967

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://nhadat.forum.st/t92156-topic(Line 20) Message: {"w":1600,"h":1200}
console-api	log	URL: http://nhadat.forum.st/t92156-topic(Line 155) Message: Failed to register service worker.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.zanox.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
api.viglink.com
b.scorecardresearch.com
banner.congstar.de
banners.webmasterplan.com
beacon-eu2.rubiconproject.com
beacon.s-onetag.com
bidder.criteo.com
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
connect.topicit.net
d2hkbi3gan6yg6.cloudfront.net
diapi.webgains.com
eus.rubiconproject.com
fonts.googleapis.com
get.s-onetag.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
hitsk.in
i.servimg.com
illiweb.com
mudim.googlecode.com
nhadat.forum.st
onetag-geo.s-onetag.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.mathtag.com
platform.twitter.com
remitano.com
s7.addthis.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
sync.mathtag.com
syndication.twitter.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
v1.addthisedge.com
w-it.m-t.io
webgains.withcubed.com
www.11teamsports.com
www.bandatnendongnai.vn
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sonsochu.com.vn
tpc.googlesyndication.com
103.74.123.4
104.108.40.167
104.111.230.142
104.111.241.32
104.244.42.136
13.32.222.166
136.243.49.76
136.243.51.138
151.101.14.2
172.217.21.198
178.250.0.130
178.250.2.152
178.33.44.177
185.29.133.208
185.29.135.42
195.216.249.67
2.16.186.80
2.18.233.201
202.182.98.49
216.58.206.2
216.58.210.2
23.210.248.44
2600:9000:20bb:5c00:9:352d:a240:93a1
2600:9000:20bb:7a00:1f:287:d20a:ce1
2600:9000:20bb:c200:5:ae3a:ba00:93a1
2600:9000:20bb:e200:5:9a4c:9b00:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:17fa
2606:4700:30::6812:3907
2606:4700:30::6818:787c
2606:4700:30::681c:e2
2606:4700::6810:a30d
2606:4700::6810:a827
2606:4700:e2::ac40:8a18
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:817::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::2008
2a00:1450:4001:819::2013
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::200a
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9a
2a00:1450:400c:c0b::52
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
46.18.188.30
46.236.12.250
46.236.13.147
52.16.143.160
69.173.144.142
69.173.144.155
72.251.249.9
85.10.231.199
85.214.124.106
99.80.15.126
01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323
02cacbeea77ab51ac15b735d9042374e4b18f653c7391a7ea6eec581bc41f17c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee
087035ac616554cdce2604675ffd6812d616e75889ac6defc352760eedd4b7b9
0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
159a70b8a1c5e98aa2f5e15fa34e792f05ee5d984ac93d0b7f61929a3f036b27
16938cbf4d7bd0e2306011ac170d859a638eaf9ed6adacf108d48bb86078e085
177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a
1b41fda21beefc30d61f983ea8764572e82499e3bd7ccf1d25ee0701b3acb79f
1c78642b1b256f276db999a53f10c1c638abc3d01f31aadd48894c18d4bc215f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
21fdee7b0b8fe6e50ae8757d088eec9d41f83e2e6b1fafd73dea3deb5452c81e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b
2a2ac2019375eb1e51e20fdd63a65eb9c94964a8da0633fe76718d6d0c7decff
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
2d8b76ce721e4684e231dce5ac0c227a4220a2c054c94613924835750824b544
2e18c2a8149953fcc039ee711d6b160e3c66c9da9bc0cd5ecc5476b0032af9ed
2ea955cabe710b582d2dab5a5659f00c789af91e5a1fb8a1678e5cc69c82f107
341c18f0561ecad04421132132fdd7306fa3134f65aa6e7e4a0a8b78dd929051
3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3a658ad501425052b292ef0c587fe2b280c2aeb4ec26aee2fe8c35195acfeea0
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48b4a1029a115e27980be8feba2959c04ec72fed6cb89eea5310eb6ddf9f11cf
4a25ffd0157934358e43303fb3d068256095cf6bc686fc8b1c72b39fe222e73d
4c989150dada9ab8cd2b204788e7f30ea067372f849833b9ead2938a096db9eb
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad
5157c74ae444beef78edd3537ae7d89c520646b87186139f84496f6fb51a0f29
5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21
5ef7a93fa3f7be107e4de1d65b50da318841b0f08bdeafff4a62277f17e7c6cc
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
6868d74127ba9b30860f736c99cbdc77e7e4979a03d9028e525552b252d52143
6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6dd0c9fdb69daf68febaa88573dc153b87725f94a082913b83ab4382f70dec9a
6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3
713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b
76ae2a71f0853ebc2535d93b1e9c454a9f28617c168afed14329394a86ed766f
794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca
79da493095f8897605de282590eb6f2746fe9a72a0d4c2a499b048565a04ede6
7ea9d94a1c7467d45658f9fa4afffbe1799e63d4a43745970d71a0a0ea48b664
80e452e1f9cc09e9f4afc6ea675ffd329c0c375af071ccd3dde49e9e3f8c3be0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861f08c403bd73e27672943ed1bd3215b21323dcb5ae2bf3eb9a56f5317f3ebc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a59fc01818cd00d57f63e26980280bf895bf0c4c7118697badcb1bf89f609c7
8aee7e72f173d63fbd15c24521847ab7d25f3a570d1bc132d5be26653bcedd8a
913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631
94a64f292945bcbae4770721450364470f6930dbf6016645cbcb06eb1e5d519c
94bdeaea0d33cb654b89540e96e02fe28afceb1624d8ed58f7a43f3609fb4a17
a226a5955f45f6d21cebbbb7bec9839109cd6d783c8dd4db0c99d9e4ce3c95d7
a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc
a4b1ec13fc84d5296e1b1332ebff97d5e783238341bfc5adcec2e3d1631d7b09
a4f696c9ca5cb7fe3126c2c5b7be9b48bfb0f1487f49982473ae73d05b003b5b
a525e9410427b0509fe2214292dcf2f342dbaaaafe41a3eb33e3b6a28688f7f1
a9970450f215072b755a00767e2067a87113200382cebb96eb88ca9bbef5955a
aa98928f014a61c22a9ef7a2026f95f577b2ede1f529c7a95e75b8c241a50efa
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55324a12c6a457bef25d9b69a12e32c82fcc4e4de60f327497a68e79faad754
b817fa35ac19b0d4952dfa87263ea8565e433bc88906d142678fe96d5ffd6825
bbdded36da71b3cd95ebcc0e44adca2e2f6e92cfdf60635d94735a96308f48a2
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
be438051245778807392c8c4393b97fc06926ea3ac29660db2b61e2b403b3cf2
bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb
c1d4399cd476fedb06b5540eb58e2fbc9e474f961015dcf5c69d9738f5bb46ea
c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8
c2ce2107c4196e933dd1cb15b07adb3e8245a9e6b96066562c49033aacd239f0
c662377c5cb31fe72c72e0162b44a2cbf811720aab0a80d8cfc30aac9a1376e8
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d1bd7d449c312e3f1395dade6040e69514b646a495051dbd87f6cff386239eec
d2064583dc074f40b117a6e11043ea853c50bc49954b5ac936a48d9482d36fa7
d43b2341965ab8a10d557681faa694d5ff1718cf2ad113a51d6b6c4920d5f33d
d8ccc5f977b1e1ea66e780d67ef01d2499689809e10d5d237f7d1143a83eedd1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b
e70a5676138000a3c1c75120e9e961af1a97d62e28a5d02ce512fc54bd7b2380
e884b3e21bb0b5367f826e6de44cdea745eb3e0a3b083b2da2ad7c49f5a33cf6
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ec4fb05ff94d7a46463cf9920e089852f81ad10bdfd03b4f3741c88602ee00b4
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ed46ff2bc02a51fa12d7e3223b20001a4ed8cf5acfcbfc8e9786996745f0adcd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01dbfc1427e926e2b1e7f38a7046ec06d95e40d723154f2ce83e75172df9ccd
f92613e18f86a27550aa6d749c835105da1adcb8144563d352341a871cf7e8ec
fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a
facb3e5741e7c0bdef290f3b75a5b221b30908330d428630e4bea4e1e7555ffa

nhadat.forum.st Open in urlscan Pro 178.33.44.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

152 Requests

76 %HTTPS

47 %IPv6

45 Domains

65 Subdomains

57 IPs

10 Countries

1934 kBTransfer

4627 kBSize

33 Cookies

10 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nhadat.forum.st Open in urlscan Pro
178.33.44.177 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

76 %
HTTPS

47 %
IPv6

45
Domains

65
Subdomains

57
IPs

10
Countries

1934 kB
Transfer

4627 kB
Size

33
Cookies

152 HTTP transactions
1 data transactions