bearmonauth.myharavan.com Open in urlscan Pro
103.154.102.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bearmonauth.com/
Effective URL:
https://bearmonauth.myharavan.com/
Submission: On April 05 via automatic, source certstream-suspicious (April 5th 2023, 1:59:55 pm UTC) — Scanned from DE

Summary HTTP 93 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 93 HTTP transactions. The main IP is 103.154.102.1, located in Viet Nam and belongs to HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN. The main domain is bearmonauth.myharavan.com.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.

This is the only time bearmonauth.myharavan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:206a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.154.102.1 103.154.102.1	140801 (HARAVAN-A...) (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
30	2606:4700:10:... 2606:4700:10::ac43:ebf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3038::6815:ea26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2405:4800:105... 2405:4800:105:4:face:b00c:0:a7	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
93	12

1 2606:4700:3033::6815:206a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bearmonauth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.154.102.1 (Viet Nam)

ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN)

bearmonauth.myharavan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:10::ac43:ebf (United States)

ASN13335 (CLOUDFLARENET, US)

theme.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
file.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea26 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.harafunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

app.harasocial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

socialplugin.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2405:4800:105:4:face:b00c:0:a7 (Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

scontent.fhan2-3.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	hstatic.net theme.hstatic.net — Cisco Umbrella Rank: 121888 stats.hstatic.net — Cisco Umbrella Rank: 131335 file.hstatic.net — Cisco Umbrella Rank: 128258 hstatic.net — Cisco Umbrella Rank: 91018	704 KB
24	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
15	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 760 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 380 scontent.fhan2-3.fna.fbcdn.net — Cisco Umbrella Rank: 37101	176 KB
13	google.com www.google.com — Cisco Umbrella Rank: 2	179 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161 socialplugin.facebook.net — Cisco Umbrella Rank: 12669	91 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	myharavan.com bearmonauth.myharavan.com	58 KB
1	harasocial.com app.harasocial.com — Cisco Umbrella Rank: 409943	2 KB
1	harafunnel.com 1 redirects assets.harafunnel.com — Cisco Umbrella Rank: 506532	512 B
1	bearmonauth.com 1 redirects bearmonauth.com	612 B
93	11

	Domain	Requested by
14	theme.hstatic.net	bearmonauth.myharavan.com theme.hstatic.net
13	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
13	www.gstatic.com	www.google.com www.gstatic.com
13	www.google.com	bearmonauth.myharavan.com www.gstatic.com www.google.com
11	fonts.gstatic.com	fonts.googleapis.com www.google.com
11	file.hstatic.net	bearmonauth.myharavan.com theme.hstatic.net
4	www.facebook.com	connect.facebook.net
3	hstatic.net	bearmonauth.myharavan.com assets.harafunnel.com
2	stats.hstatic.net	bearmonauth.myharavan.com stats.hstatic.net
2	fonts.googleapis.com	bearmonauth.myharavan.com theme.hstatic.net
2	bearmonauth.myharavan.com	theme.hstatic.net
1	scontent.fhan2-3.fna.fbcdn.net	www.facebook.com
1	scontent.xx.fbcdn.net	www.facebook.com
1	socialplugin.facebook.net	connect.facebook.net
1	connect.facebook.net	hstatic.net
1	app.harasocial.com	bearmonauth.myharavan.com
1	assets.harafunnel.com	1 redirects
1	bearmonauth.com	1 redirects
93	18

This site contains links to these domains. Also see Links.

Domain
policies.google.com
www.haravan.com
m.me

Subject Issuer	Validity	Valid
*.myharavan.com R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.socialplugin.facebook.net DigiCert SHA2 High Assurance Server CA	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.fhan2-3.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-03-24` - `2023-06-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bearmonauth.myharavan.com/
Frame ID: E21929001CEF6EC1EF56CA328F29121B
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=309h0cd49wd1
Frame ID: 00A6A1FD7E1E5EDA6D962EB9DA5072C0
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=357916of4271
Frame ID: 450D5A87671215514BE6BFA0FB8B30BB
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=2537uabc1h29
Frame ID: 7CB61BEBDF98F30F5938B0F5273E3574
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bymm0tkcmar
Frame ID: 4851E4F682DBCAF44FBFB15F253C60F8
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/page.php?adapt_container_width=true&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2907ba87d555f%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&container_width=335&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fharavan.official&locale=vi_VN&sdk=joey&show_facepile=true&show_posts=false&small_header=false
Frame ID: D3F633CB60921FADF71D1C76BB6CD210
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bear Mon user

Page URL History Show full URLs

https://bearmonauth.com/ HTTP 301
https://bearmonauth.myharavan.com/ Page URL

Detected technologies

Haravan (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

haravan.*\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

93
Requests

99 %
HTTPS

92 %
IPv6

11
Domains

18
Subdomains

12
IPs

3
Countries

2333 kB
Transfer

5090 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.haravan.com/?utm_campaign=poweredby&utm_medium=haravan&utm_source=onlinestore
Title: Powered by Haravan

Search URL Search Domain Scan URL

URL: https://m.me/108520260558644

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bearmonauth.com/ HTTP 301
https://bearmonauth.myharavan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://assets.harafunnel.com/widget/108520260558644.js?_=1680703187589 HTTP 301
https://app.harasocial.com/widget/108520260558644.js?_=1680703187589

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bearmonauth.myharavan.com/
Redirect Chain

https://bearmonauth.com/
https://bearmonauth.myharavan.com/

278 KB
58 KB

738ms
248ms

Document
text/html

103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://bearmonauth.myharavan.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

e286f6dc09bf19f49fa6fcf09a9718915ea7e1e1f087a437dc04dd33c44e3ff9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 13:59:46 GMT
etag: W/"ce41093e45cd4e029230b792f8f9ba4b"
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
server: openresty
strict-transport-security: max-age=7889238
x-cache: hit, server
x-cache-ver: 41
x-content-type-options: nosniff
x-requestid: 9c621e77c163e336542fbcabc8071a47
x-shopid: 200000696195
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b32503d7ed28fe2-FRA
content-length: 0
content-security-policy: frame-ancestors 'self';
date: Wed, 05 Apr 2023 13:59:46 GMT
location: https://bearmonauth.myharavan.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaO7r7emUDrOoZvH%2F3Al8iryedKTV2kRWeaCdgov%2BIRV50kTZ5ILxUhJ0EkdFjO2fjU9Xd0heOWeoo6NgjNI2tRng7wGPQQv%2BlQSpoLdWfPVXqxBWiB1%2FPnOrAf%2B6F3eHz%2Frfsw2xXGJEeg7g6U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-requestid: a7e01b0dcc9f3727982fff0e6c001ab3
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,500i,600,600i,700,700i&subset=vietnamese

Requested by

Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c0f5cc343b8d3bd4358d6d993877e4ef4c6f230ea7f56034ceb32e994b4a4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:59:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:59:46 GMT

GET
H2 200 styles.css
theme.hstatic.net/200000696195/1001033798/14/ 147 KB
28 KB 304ms
238ms Stylesheet
text/css 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd45e08105d39663f3f8125b5d7df24e777d51cfd38c41eafb542da7832ce461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP6B:0000003E
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Apr 2023 10:48:36 GMT
server: cloudflare
etag: W/"2fead267d69bd7625806e31472966f7f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b325048a91a3669-FRA
expires: Wed, 05 Apr 2023 12:01:47 GMT

GET
H2 200 jquery.min.1.11.0.js Show response
theme.hstatic.net/200000696195/1001033798/14/ 94 KB
34 KB 325ms
260ms Script
application/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/jquery.min.1.11.0.js?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8869e934593472f09a542ff1e1643c188fd850b37591919759113671e5e1ebbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP0P:00000118
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Apr 2023 10:48:24 GMT
server: cloudflare
etag: W/"abed2a9134f90d590707a6fa9a586099"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b325048a91c3669-FRA
expires: Wed, 05 Apr 2023 12:01:48 GMT

GET
H2 200 beacon.min.js Show response
stats.hstatic.net/ 32 KB
10 KB 51ms
31ms Script
application/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.hstatic.net/beacon.min.js
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e881def1372246e024cc6bb1df05dac69e3f1baaa46dcec15770bddd8430e19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 02:59:51 GMT
server: cloudflare
age: 1410
etag: W/"1d945a090c45241"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7b32504a9bc93669-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
909 B 96ms
44ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

854d70c7852b8e06e808bff5840588755ffcdb50934307fc75ef6aa929554032

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 589
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:47 GMT

GET
H2 200 slid01_e89a0f8aa2874ef0849de530c10408e8.jpg
file.hstatic.net/1000300454/file/ 167 KB
168 KB 429ms
267ms Image
image/jpeg 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/slid01_e89a0f8aa2874ef0849de530c10408e8.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce97cedeaa09854c646a537c9c6f6453df08db3a7716c6cf256d92922855f718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:48 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJEF1AO65AO:00001F54
cf-polished: degrade=85, origSize=203979, status=webp_bigger
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171163
cf-bgj: imgq:85,h2pri
last-modified: Tue, 23 Jun 2020 07:39:39 GMT
server: cloudflare
etag: "cdb79680f0912c72f6062ff797dcb8c3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504b8cfb3669-FRA
expires: Tue, 26 Jul 2022 03:55:47 GMT

GET
H2 200 spm1.png
theme.hstatic.net/200000696195/1001033798/14/ 3 KB
3 KB 224ms
221ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/spm1.png?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0af2189c901519861c5b7f3c869d7c0b070d03e52b4a06c9855e6f9f4a7aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP7U:0000002F
cf-polished: origFmt=png, origSize=4713
x-envoy-upstream-service-time: 23
content-disposition: inline; filename="spm1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2980
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:12 GMT
server: cloudflare
etag: "a55351552a4545b3de080ab6f7914803"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a8ba23669-FRA
expires: Wed, 05 Apr 2023 12:01:49 GMT

GET
H2 200 spm2.png
theme.hstatic.net/200000696195/1001033798/14/ 4 KB
4 KB 247ms
245ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/spm2.png?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9369cf7cc91b293dfc4c3064c937d047e9945abeabe914df92aa3b6b3d5b2b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP85:00000023
cf-polished: origFmt=png, origSize=5224
x-envoy-upstream-service-time: 21
content-disposition: inline; filename="spm2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3710
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:13 GMT
server: cloudflare
etag: "37646e19c3c88167708af70bb88b9d08"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a8ba33669-FRA
expires: Wed, 05 Apr 2023 12:01:50 GMT

GET
H2 200 spm3.png
theme.hstatic.net/200000696195/1001033798/14/ 6 KB
6 KB 237ms
235ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/spm3.png?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5b3cda30718c74f75bcb0c5deaa01dbfe9cc231fc242b31eee9f8e7cf14fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP45:000000BF
cf-polished: origFmt=png, origSize=8277
x-envoy-upstream-service-time: 21
content-disposition: inline; filename="spm3.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6192
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:13 GMT
server: cloudflare
etag: "0cce95100d09b3576e813e4f77fed95a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a8ba43669-FRA
expires: Wed, 05 Apr 2023 12:01:51 GMT

GET
H2 200 spm4.png
theme.hstatic.net/200000696195/1001033798/14/ 6 KB
6 KB 265ms
263ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/spm4.png?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f34536a3a5164f433b3fd15064bcd645e362b35e7be049ec5f16e87cbd3296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP4Q:000000B5
cf-polished: origFmt=png, origSize=7648
x-envoy-upstream-service-time: 33
content-disposition: inline; filename="spm4.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6292
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:13 GMT
server: cloudflare
etag: "11d16ba787b423f8b19acdb385ae167f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a8ba63669-FRA
expires: Wed, 05 Apr 2023 12:01:52 GMT

GET
H2 200 logo_bct_019590229b4c4dfda690236b67f7aff4.png
file.hstatic.net/1000300454/file/ 8 KB
8 KB 196ms
34ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/logo_bct_019590229b4c4dfda690236b67f7aff4.png
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19aae15688157b49540a52f9edb81b35037782cc1c93615351e0b7881208a362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJU5ARUG7FN:00000014
age: 5469943
cf-polished: origFmt=png, origSize=14816
x-envoy-upstream-service-time: 64
content-disposition: inline; filename="logo_bct_019590229b4c4dfda690236b67f7aff4.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8386
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Jun 2020 07:47:18 GMT
server: cloudflare
etag: "3e6521c076eae3bfabb4a0d26407d779"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504b8cff3669-FRA
expires: Mon, 15 Aug 2022 01:24:34 GMT

GET
H2 200 option_selection.js Show response
hstatic.net/0/0/global/ 19 KB
5 KB 51ms
33ms Script
application/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/0/0/global/option_selection.js
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 905749f258a2caaa92b915686b2aba91980c08e5684bffda40ea26d52d066250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HM861KL1OGMF:00000016
age: 5473324
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 20 Apr 2019 03:53:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b32504a5b473669-FRA
expires: Tue, 06 Sep 2022 04:27:21 GMT

GET
H2 200 api.jquery.js Show response
hstatic.net/0/0/global/ 13 KB
3 KB 32ms
32ms Script
application/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/0/0/global/api.jquery.js
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e2ca21a3e030e50abd661916c10060a26b250d36334f5b31e95d5db57ea35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HM861KL1OF48:000002C6
age: 5473324
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 20 Apr 2019 03:53:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b32504a6b763669-FRA
expires: Thu, 08 Sep 2022 05:55:25 GMT

GET
H2 200 plugins.js Show response
theme.hstatic.net/200000696195/1001033798/14/ 199 KB
51 KB 1320ms
1317ms Script
application/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/plugins.js?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5095656dbf4e6253aed4af0ec4d89e4107b150781131d93e11467a7a39797f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOOKL:00000178
x-envoy-upstream-service-time: 39
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Apr 2023 10:48:23 GMT
server: cloudflare
etag: W/"604a0ecaccae3d7b8e8317fccec316af"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b32504a8b9f3669-FRA
expires: Wed, 05 Apr 2023 12:01:47 GMT

GET
H2 200 scripts.js Show response
theme.hstatic.net/200000696195/1001033798/14/ 24 KB
7 KB 278ms
275ms Script
application/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/scripts.js?v=1
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8731e2e27266b75ed3b9254a22b64cd81f42ff58d21ef5bddc4ebb5a9119e59f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP6B:0000003D
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Apr 2023 10:48:36 GMT
server: cloudflare
etag: W/"4d88ec9d8f17c2588c49bdeb76905f51"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b32504a8ba13669-FRA
expires: Wed, 05 Apr 2023 12:01:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
571 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700&subset=vietnamese

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca773b15bef0cafa2ecf159fb8ea0c0fe64cec322105b3faa3d5aaf8b5536bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 13:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 13:59:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 13:59:47 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ 410 KB
165 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bearmonauth.myharavan.com/
Origin: https://bearmonauth.myharavan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 09:06:18 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
26 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700&subset=vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bearmonauth.myharavan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:52:32 GMT
x-content-type-options: nosniff
age: 97635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:52:32 GMT

GET
H2 200 icon_footer.png
theme.hstatic.net/200000696195/1001033798/14/ 2 KB
2 KB 223ms
223ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/icon_footer.png?v=2
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ba761512991e942f20ec0881b7f67ba8ba465af63ea9f9b3ff90bc3a23a114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOON8:0000017D
cf-polished: origFmt=png, origSize=2967
x-envoy-upstream-service-time: 40
content-disposition: inline; filename="icon_footer.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1978
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:26 GMT
server: cloudflare
etag: "c4a32af8fdde78630cd2df690f7027aa"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a9bb43669-FRA
expires: Wed, 05 Apr 2023 12:01:52 GMT

GET
H2 200 icon_footer_1.png
theme.hstatic.net/200000696195/1001033798/14/ 294 B
626 B 223ms
222ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/icon_footer_1.png?v=2
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e7e2f155ff8b5f7ca9a40794f08b6dd0e07e4c2cb099ac30ae1d332f67b697c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOPA4:00000402
cf-polished: origFmt=png, origSize=697
x-envoy-upstream-service-time: 30
content-disposition: inline; filename="icon_footer_1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:25 GMT
server: cloudflare
etag: "e79e8f845b078bc96b4ae71e6b1119f9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a9bb93669-FRA
expires: Wed, 05 Apr 2023 12:16:31 GMT

GET
H2 200 icon_footer_2.png
theme.hstatic.net/200000696195/1001033798/14/ 410 B
584 B 239ms
239ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/icon_footer_2.png?v=2
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40441fdbf624a824049ea6e64719f284b41e670f729d0b0d6251561329e3bdc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOOUP:0000050E
cf-polished: origFmt=png, origSize=837
x-envoy-upstream-service-time: 27
content-disposition: inline; filename="icon_footer_2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 410
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:25 GMT
server: cloudflare
etag: "269b9ced55fd25d154bf55273772e8af"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a9bba3669-FRA
expires: Wed, 05 Apr 2023 12:16:31 GMT

GET
H2 200 icon_footer_3.png
theme.hstatic.net/200000696195/1001033798/14/ 482 B
648 B 242ms
242ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/icon_footer_3.png?v=2
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af4de592faf404e27774367e4cf11b055aa6b338d80ee1d50d22f573339875c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOPGS:000002EF
cf-polished: origFmt=png, origSize=973
x-envoy-upstream-service-time: 27
content-disposition: inline; filename="icon_footer_3.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 482
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:25 GMT
server: cloudflare
etag: "4819d7ff75033c23338c8defbe9504d1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a9bc23669-FRA
expires: Wed, 05 Apr 2023 12:16:32 GMT

GET
H2 200 icon_footer_4.png
theme.hstatic.net/200000696195/1001033798/14/ 302 B
493 B 234ms
234ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/icon_footer_4.png?v=2
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a044e0275aec72e8e6f87454ab69b553e881ef204ff18e4d2070f3c7e552cfa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOP7V:00000470
cf-polished: origFmt=png, origSize=691
x-envoy-upstream-service-time: 55
content-disposition: inline; filename="icon_footer_4.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 10:48:26 GMT
server: cloudflare
etag: "21c12abd8c9de3a0a664cbe830e0f45d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32504a9bc33669-FRA
expires: Wed, 05 Apr 2023 12:16:32 GMT

GET
H3 200 fontawesome.woff
theme.hstatic.net/200000696195/1001033798/14/ 105 KB
106 KB 276ms
251ms Font
application/font-woff 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000696195/1001033798/14/fontawesome.woff?v=2
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2081076dc85b42ad34b5ddf6d4f95741efc8727da7f044c3b925f08aee4efd

Request headers

Referer: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Origin: https://bearmonauth.myharavan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 0HMPKCFLKOON8:000003EA
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 05 Apr 2023 10:48:24 GMT
server: cloudflare
etag: W/"9d2d4a9faae9eeb20b075cf291e522c1"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b32504ab96abb95-FRA
expires: Wed, 05 Apr 2023 12:12:47 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
fonts.gstatic.com/s/quicksand/v30/ 22 KB
22 KB 92ms
45ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700&subset=vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd0696ea5d7cd294b7921ddb1b74a7a89de7ff7eedf8cda7ada92ef045004e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bearmonauth.myharavan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 12:03:28 GMT
x-content-type-options: nosniff
age: 93379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22164
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:21:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 12:03:28 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2
fonts.gstatic.com/s/quicksand/v30/ 7 KB
7 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700&subset=vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4300f8b2fe7c4584f81acd4797abeab846f74378ef6d7d6420f6e6fe95b2dd9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bearmonauth.myharavan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:36:23 GMT
x-content-type-options: nosniff
age: 77004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:21:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 16:36:23 GMT

GET
H2

200

108520260558644.js Show response
app.harasocial.com/widget/
Redirect Chain

https://assets.harafunnel.com/widget/108520260558644.js?_=1680703187589
https://app.harasocial.com/widget/108520260558644.js?_=1680703187589

3 KB
2 KB

94ms
28ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.harasocial.com/widget/108520260558644.js?_=1680703187589

Requested by

Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96dc8bdbf12f13ee666cc41e04b50457dcccfe4545f31f161d963df0febcd198

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-requestid: d60900edb613dd1084d2831d976e5058
age: 120149
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Mar 2023 09:22:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2fMjYTA0J1LusTRTfpayQx%2FMFblP5KS3P60zyWo9iubTzUw9yuicUl1vJAYyv%2FjbArbU6YNG6IBZFT5S4TsImcVZ4c2RXeznjmB%2BnXpkHQ%2FTXvI5tpvewwxXTQAxC0GICKPhZAGq328WE3%2B8LpFnEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7b325056387837fe-FRA

Redirect headers

date: Wed, 05 Apr 2023 13:59:49 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAVlQAYsG26tr2zAwpfWhFXLoDpaFUSFmJAOZUpY6v7qgFJ5PsRnYaal0N7cuiaeQ2hinkvH1uQMUpdpav8%2BbGSTvuc9lwkNPdOIXGKYBaJ9Ze%2Bf9htWG3TDCZtHHB%2BOjzhz612yxj%2FQl7Fndh2MsyfqMQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://app.harasocial.com/widget/108520260558644.js?_=1680703187589
cache-control: max-age=31536000
cf-ray: 7b32505359bd0414-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 analytics
stats.hstatic.net/ 0
121 B 443ms
443ms Ping
text/plain 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.hstatic.net/analytics
Requested by: Host: stats.hstatic.net
URL: https://stats.hstatic.net/beacon.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bearmonauth.myharavan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 13:59:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b325052f98130cc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 cart.js Show response
bearmonauth.myharavan.com/ 165 B
535 B 262ms
262ms XHR
application/json 103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://bearmonauth.myharavan.com/cart.js

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/jquery.min.1.11.0.js?v=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

1d004c34d4d336590062a24ddf11b592132d9b878c9980c356ef2e12726cf783

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://bearmonauth.myharavan.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 13:59:49 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com; upgrade-insecure-requests
content-encoding: gzip
server: openresty
x-requestid: 682f657333675e4ab8e37920ba26f3a1
x-shopid: 200000696195
vary: Accept-Encoding
content-type: application/json; charset=utf-8
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
cache-control: no-store,no-cache
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 00A6 47 KB
26 KB 42ms
41ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=309h0cd49wd1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b43559d51a6bd0496894ae4922185439a22c46ae924f282e7240bc25bb76e77a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zAd1GtQjFZmME53oWhWW_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bearmonauth.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26003
content-security-policy: script-src 'report-sample' 'nonce-zAd1GtQjFZmME53oWhWW_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:59:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 450D 47 KB
26 KB 63ms
62ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9703f2e536bf78fd684237075833c27d513041955f2e3e61745ae6060dba9cbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o_5S3ivyka5wccGEXZud-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bearmonauth.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26170
content-security-policy: script-src 'report-sample' 'nonce-o_5S3ivyka5wccGEXZud-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:59:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7CB6 47 KB
26 KB 50ms
48ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

feb9f79c7a2abfeb0efaec612d88e3d6c7760b2426c259ea6fa531dc4dccb320

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MMd3CdzZgV8l9faFvNvTtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bearmonauth.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26359
content-security-policy: script-src 'report-sample' 'nonce-MMd3CdzZgV8l9faFvNvTtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:59:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4851 47 KB
26 KB 72ms
71ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4f893bcb8b1b78aa46acec20afb830e291da6c73855330a32f12a61dce12bfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-09DUJU8n5RwUPyeBjmWOfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bearmonauth.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26228
content-security-policy: script-src 'report-sample' 'nonce-09DUJU8n5RwUPyeBjmWOfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:59:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 banner04_3354e1e16cd14576a90ef1b647cad801.jpg
file.hstatic.net/1000300454/file/ 11 KB
11 KB 243ms
242ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner04_3354e1e16cd14576a90ef1b647cad801.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2edbe09d1cd71bab5bd2fa94f7b65aced9567cbaa3fc688630a3a4bb5704c674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMNT4LGVDMBH:000000D6
cf-polished: qual=85, origFmt=jpeg, origSize=32838
x-envoy-upstream-service-time: 106
content-disposition: inline; filename="banner04_3354e1e16cd14576a90ef1b647cad801.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10884
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:37:46 GMT
server: cloudflare
etag: "268e7cede0cdf23ff6713ac189fd3403"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32505339e430cc-FRA
expires: Tue, 24 Jan 2023 15:50:14 GMT

GET
H3 200 banner02_6cb58ce57c5b4212a654695ac2457402.jpg
file.hstatic.net/1000300454/file/ 18 KB
19 KB 244ms
243ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner02_6cb58ce57c5b4212a654695ac2457402.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0e7de3506e65802186212c4485642c73bc3f43495e4ae363dac9908e76f199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMO6KE5P347H:0000005B
cf-polished: qual=85, origFmt=jpeg, origSize=38999
x-envoy-upstream-service-time: 81
content-disposition: inline; filename="banner02_6cb58ce57c5b4212a654695ac2457402.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18660
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:37:48 GMT
server: cloudflare
etag: "d38f3423d9b0aa4892203f721529596a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32505339e530cc-FRA
expires: Tue, 07 Feb 2023 21:35:40 GMT

GET
H3 200 banner07_ede68040562340f49ea9fb3c14213f5c.jpg
file.hstatic.net/1000300454/file/ 21 KB
22 KB 221ms
220ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner07_ede68040562340f49ea9fb3c14213f5c.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd07fe3adbe6e3b2ccdb8ca11abc2227f758eb80649610c24ad268efbe046db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMNO24QBPC44:0000009E
cf-polished: qual=85, origFmt=jpeg, origSize=46105
x-envoy-upstream-service-time: 99
content-disposition: inline; filename="banner07_ede68040562340f49ea9fb3c14213f5c.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21740
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:38:03 GMT
server: cloudflare
etag: "c00e0a4d456a0d16ded8a3395ee88568"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32505339e730cc-FRA
expires: Wed, 18 Jan 2023 05:02:17 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 00A6 55 KB
24 KB 85ms
40ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=309h0cd49wd1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:30:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 00A6 410 KB
164 KB 106ms
63ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 09:06:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 7CB6 55 KB
24 KB 61ms
23ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:30:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 7CB6 410 KB
164 KB 103ms
65ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 09:06:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 450D 55 KB
24 KB 54ms
21ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:30:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 450D 410 KB
164 KB 102ms
69ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 09:06:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 4851 55 KB
24 KB 74ms
49ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 13:30:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 4851 410 KB
164 KB 96ms
71ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 09:06:18 GMT

GET
H3 200 banner05_1e0dd5d827b04713a9b5c9b360e7b41e.jpg
file.hstatic.net/1000300454/file/ 35 KB
36 KB 272ms
271ms Image
image/jpeg 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner05_1e0dd5d827b04713a9b5c9b360e7b41e.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7bab8fd879d6514b69eef1ec2095bc24200c440f3d1196826cc179f2573cc30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMNO24QBS118:00000028
cf-polished: degrade=85, origSize=59735, status=webp_bigger
x-envoy-upstream-service-time: 334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:38:05 GMT
server: cloudflare
etag: "78a70d2281e9df05ffbe378cbb83be13"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3250542b1930cc-FRA
expires: Thu, 19 Jan 2023 04:34:04 GMT

GET
H3 200 banner08_4f31b23dfe8e4b59ab4926c6e787a25c.jpg
file.hstatic.net/1000300454/file/ 15 KB
15 KB 274ms
273ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner08_4f31b23dfe8e4b59ab4926c6e787a25c.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a60618b0d1d6c9069508100ee09b3f03eff31d5c2b2cdce12224466f131eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJEFORMG9OL:00002B06
cf-polished: qual=85, origFmt=jpeg, origSize=36735
x-envoy-upstream-service-time: 65
content-disposition: inline; filename="banner08_4f31b23dfe8e4b59ab4926c6e787a25c.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14934
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:38:04 GMT
server: cloudflare
etag: "44e83da174cabf16304f5a994a732e55"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3250542b1b30cc-FRA
expires: Tue, 26 Jul 2022 04:30:43 GMT

GET
H3 200 banner_h01_7bb9fcf8287b472391fadb6bc1984012.jpg
file.hstatic.net/1000300454/file/ 50 KB
50 KB 327ms
326ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner_h01_7bb9fcf8287b472391fadb6bc1984012.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105ca077d5b5a91c7c590a9e2b637489c6782a32c61d5ab7ff7c5356aa8d7fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMNT4LGVK4GS:0000002E
cf-polished: qual=85, origFmt=jpeg, origSize=87684
x-envoy-upstream-service-time: 175
content-disposition: inline; filename="banner_h01_7bb9fcf8287b472391fadb6bc1984012.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50786
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:45:48 GMT
server: cloudflare
etag: "7855f5e517314bece1c248ec2dd7725b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3250542b1c30cc-FRA
expires: Fri, 27 Jan 2023 01:07:36 GMT

GET
H3 200 banner-h04_a7d6ec5ff7324bbbb8cba3d1cdad99c2.jpg
file.hstatic.net/1000300454/file/ 39 KB
39 KB 828ms
827ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner-h04_a7d6ec5ff7324bbbb8cba3d1cdad99c2.jpg
Requested by: Host: bearmonauth.myharavan.com
URL: https://bearmonauth.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f7ec45c9a1aaa3477cc44854b02a337a98f2b2eae4315812ca5ae6a0f70ee5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJEFORMGD51:00002572
cf-polished: qual=85, origFmt=jpeg, origSize=74177
x-envoy-upstream-service-time: 57
content-disposition: inline; filename="banner-h04_a7d6ec5ff7324bbbb8cba3d1cdad99c2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39790
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 03:31:26 GMT
server: cloudflare
etag: "4250cb44e24edf1a32606f4791ae76ac"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3250542b1d30cc-FRA
expires: Tue, 26 Jul 2022 04:30:43 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4851 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 417277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4851 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 98921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4851 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 98927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 450D 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 417277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 450D 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 98921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 450D 15 KB
15 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 98927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7CB6 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 417277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7CB6 15 KB
15 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 98921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7CB6 15 KB
15 KB 28ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 98927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 00A6 2 KB
2 KB 22ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 417277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00A6 15 KB
15 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 98921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00A6 15 KB
15 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 98927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4851 102 B
134 B 31ms
31ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bymm0tkcmar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 450D 102 B
134 B 31ms
31ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=357916of4271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7CB6 102 B
134 B 32ms
31ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=2537uabc1h29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 00A6 102 B
134 B 34ms
34ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=309h0cd49wd1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:49 GMT

GET
H3 200 widget.js Show response
hstatic.net/harasocial/ 10 KB
3 KB 31ms
31ms Script
text/javascript 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/harasocial/widget.js?v=1.1
Requested by: Host: assets.harafunnel.com
URL: https://assets.harafunnel.com/widget/108520260558644.js?_=1680703187589
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bcdff45d38657e7ae635fdb8bb903d4e1b5a010cf05f39955f6a45c994382c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 90564e7e7a65c354271807cbd3c87a0b
age: 10556345
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 12 Nov 2021 02:11:41 GMT
server: cloudflare
etag: W/"da2bc6ab6d412b50fbde80c16c9850f3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b3250574f1030cc-FRA
expires: Thu, 26 May 2022 19:02:53 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4851 32 KB
18 KB 70ms
69ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8d4438ded1b56de667eecc51028f5242c94b1e3ab73d4e23c11330db7c9a2ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bymm0tkcmar
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18766
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:49 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4851 32 KB
18 KB 74ms
74ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf820fca094620ecf3b9c2464b509ab88c6e908b48268cd6cc845f74443c4a0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bymm0tkcmar
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 05 Apr 2023 13:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18823
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:49 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4851 32 KB
19 KB 84ms
83ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a75a3290dd8f89161f0eac9abb5545bda0002acf471ad88d17209eb15590992d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bymm0tkcmar
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18998
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:50 GMT

GET
H3 200 banner-h03_0add8d9e594e4d37843c351f1e5f8bef.jpg
file.hstatic.net/1000300454/file/ 34 KB
34 KB 265ms
265ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/banner-h03_0add8d9e594e4d37843c351f1e5f8bef.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758f2b1a9da1d5f90933b7400b10348c65c1d7a86f6408b5e3df43367c76fe11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJEFORMGAKT:00002D07
cf-polished: qual=85, origFmt=jpeg, origSize=63038
x-envoy-upstream-service-time: 45
content-disposition: inline; filename="banner-h03_0add8d9e594e4d37843c351f1e5f8bef.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34890
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Jun 2020 02:45:48 GMT
server: cloudflare
etag: "1788a614b5a05c6fe097b077882e9ec8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b32505a0ad130cc-FRA
expires: Tue, 26 Jul 2022 04:30:44 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vi_VN/sdk/ 315 KB
90 KB 67ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Requested by

Host: hstatic.net
URL: https://hstatic.net/harasocial/widget.js?v=1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86900aeefbc320c6bca8ff1142e13053f622a8d5cb2d52cf1fdca66be9fbb134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bearmonauth.myharavan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 13:59:50 GMT
content-md5: +dYFm1FgC2VKNE/pYTTLZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91138
x-fb-rlafr: 0
x-fb-debug: PeNX9cU9cGFzDz04fQvFY5dkOpp9EAh/qNjaLhBEwA4gCf+m2l2Sk3bXKWFtpjgsJLqwF8sjZPdYiqgOFzlo6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 0fd1a77f648423bddbb442fa2e6c5da6
cross-origin-opener-policy: same-origin-allow-popups
etag: "216981af4eb24c5d489c807a29dd671a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 05 Apr 2023 14:05:25 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4851 32 KB
19 KB 79ms
78ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ad1818e62b257834de82876fa5603edb96b4cc982b445e4e7f0647302b84c41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly9iZWFybW9uYXV0aC5teWhhcmF2YW4uY29tOjQ0Mw..&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=bymm0tkcmar
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18924
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 13:59:50 GMT

GET
H2 200 page.php Show response
www.facebook.com/v12.0/plugins/ Frame D3F6 49 KB
17 KB 217ms
171ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/page.php?adapt_container_width=true&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2907ba87d555f%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&container_width=335&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fharavan.official&locale=vi_VN&sdk=joey&show_facepile=true&show_posts=false&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c75a16412ad0f085ee20703869dc8502ba8500f8eb52677a1a13f264317368c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bearmonauth.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 13:59:50 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: g9D49zZgfzQACV0kMWiq+J95wXMMTp8Logr6fIPq8khaOryAKrCW/GiCD4hjochor0gkcbtHZmit8gAvsoORXA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 / Show response
socialplugin.facebook.net/new_domain_gating/ 40 B
1 KB 202ms
137ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=108520260558644&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bearmonauth.myharavan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 13:59:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: ghy5CB/vwhhS17xxMgJFVmqYIxvE7ObIlm95yATv/oAC2bKA3rATatEW695OHggUBA4fiuO+7p5tjiftid/+xQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://bearmonauth.myharavan.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
2 KB 186ms
140ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ee0368b5cbb8%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbearmonauth.myharavan.com%2F&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=hide&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=5ae9ce20-4bfa-4e00-a3b4-6a57137d919a&page_id=108520260558644&ref=__hrf_w_549923__hrf_rrs_b64_bHM6OmhhcmFzb2NpYWxfbGl2ZWNoYXR8bHU6Omh0dHBzOi8vYmVhcm1vbmF1dGgubXloYXJhdmFuLmNvbS8%3D&request_time=1680703190573&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bearmonauth.myharavan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 13:59:50 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: hC+cGXHFAU+U28iLjNwI1AqUhlOFpEe+tTnGbS4MoalbBAFd8+X14jFr2voUvp2jGTcBEWwBQSKY6sDBeFUhEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://bearmonauth.myharavan.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
922 B 208ms
164ms XHR
application/json 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ee0368b5cbb8%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbearmonauth.myharavan.com%2F&greeting_dialog_display=hide&is_loaded_by_facade=true&locale=vi_VN&log_id=5ae9ce20-4bfa-4e00-a3b4-6a57137d919a&page_id=108520260558644&ref=__hrf_w_549923__hrf_rrs_b64_bHM6OmhhcmFzb2NpYWxfbGl2ZWNoYXR8bHU6Omh0dHBzOi8vYmVhcm1vbmF1dGgubXloYXJhdmFuLmNvbS8%3D&request_time=1680703190573&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bearmonauth.myharavan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 05 Apr 2023 13:59:50 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: VORVJlL2ZRbq/EiX3cMuEzGnuRL/8atGhjmGCcmXCfPtwsjaYtgdN2zu3K3ZMdWFrhv41+hYzmGWLY6TWqARKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://bearmonauth.myharavan.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 oAvRVzS4StJ.css
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/ Frame D3F6 20 KB
5 KB 70ms
22ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/page.php?adapt_container_width=true&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2907ba87d555f%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&container_width=335&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fharavan.official&locale=vi_VN&sdk=joey&show_facepile=true&show_posts=false&small_header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a91751f1f02d78175e9cd38947d12745be0260d4e39ae65b4cb8565428d8f760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oCeJCyqik8F1O6E4M3bxdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5136
x-fb-rlafr: 0
x-fb-debug: 23VAUh6fTwVKs9LUfxuXwLZbM+LuQnUF1mT4+QtQwEuhQbHL8aaNThX38/2jdc+Kay1OwBjXMszTQFdK8ddQ5w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:18:07 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame D3F6 2 KB
1 KB 72ms
24ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: qPAwpRVSuQA7RSWOWEceEq8SpmyallbkmdjKdQlAJAPUUuTdxtXosBVXgfyY0Ir1158RacxwwVPc6WSMB5zBtA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:52:14 GMT

GET
H2 200 xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame D3F6 6 KB
1 KB 70ms
22ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 871
x-fb-rlafr: 0
x-fb-debug: +zlxlZJr6R0ZOvynjE4O4FLnewFdVrZDjmaqWnkfmLh1/eEUQbFtcNOGBN12elF5aVoaKTYkiHBMFYRdwwoPow==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 20:38:24 GMT

GET
H2 200 du3c8SH_B5Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame D3F6 300 KB
79 KB 102ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e741e3e6d08ba44b9f033e6105b520106de2300fa686ebd673d91290badd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 68WFfu++q9RPoFVYM8q8wQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81167
x-fb-rlafr: 0
x-fb-debug: rz30eRM3tiFH0DE5dg6wFKr2mCWYTAzMZvrm+hUiCEOssTWIRJHeVDuOMlDPwmFShPIDDtI7OEgvlechTmOlLw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 03 Apr 2024 00:06:24 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame D3F6 5 KB
2 KB 73ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: natHaOmId9HgeTpZH7L65wf0rRhzCeWb9uU4cPxBuJEbl1pEv1bczPENHRgcDDezNuf/tBzvoJ+D/x4UkT2mKQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 18:36:52 GMT

GET
H2 200 sN8pzo7zgao.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame D3F6 38 KB
12 KB 60ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/sN8pzo7zgao.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A+MHdwa4tQA5oSoFTbkTkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12398
x-fb-rlafr: 0
x-fb-debug: Lbt4rASCq3YvC1eJETtTccnPb+1QH7Xy6JoIkulwG3vL4RBwSqSDdbmG+ggLHOogj2zyQY0cuZ5lurPxThDmDQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 00:19:29 GMT

GET
H2 200 x9ob8vCc1UZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame D3F6 53 KB
17 KB 60ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/x9ob8vCc1UZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x5WYKAb4xvJQC2ZYjHeJ6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16693
x-fb-rlafr: 0
x-fb-debug: bpFk6J3ls29u/lQS+S2IeHd/iRYqNV5OMyU2P5C2ggcrJdBLC+xBJgq9GNPQtHB+WOB58ZmS5EN2nQluo3U+LA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 00:19:29 GMT

GET
H2 200 UIbhq_otiob.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSa94/yk/l/vi_VN/ Frame D3F6 70 KB
21 KB 80ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yk/l/vi_VN/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73c80c38362a57a89af41c341f1eba370351d3f9dd11d5b9314365e8c3e2b75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hKM27qAvKWd7Zq52MlPCGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21075
x-fb-rlafr: 0
x-fb-debug: cEJmcWoTvZAIL18KoexygB8ExGtyMwlM8IXasUTwMKZmVy/iWgjEnR12clzbM3zK90uuky1N/zCM6bDTXOveLA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 20:42:24 GMT

GET
H2 200 gWJhn_1G1cu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame D3F6 13 KB
5 KB 77ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/gWJhn_1G1cu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6704266b2bfce04a8783cfcc06e1d2263474815e1763acca8551fa8fe3cfcc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jCmXrrKuuzUlfKUnE9JBcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4770
x-fb-rlafr: 0
x-fb-debug: DbN94e2ixC1MBNX0EkTNixMDolEqzuw8G+OVfXHxh3vCKZU7eM+gu5hyszw8urLffbQjg087vwmsFrMwdgHwdg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 04:02:27 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame D3F6 507 B
489 B 89ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: 5cRKbCHCOVe4S35kXGwCaz6924L+aXN74mW0XpqgwDqmrGH8HC+TWj3+PaiwHcclofsvLhL+sh+HkGCEPrzk3Q==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 19:28:04 GMT

GET
H2 200 328038501_552745489992362_5781692654716605436_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame D3F6 17 KB
18 KB 21ms
21ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/328038501_552745489992362_5781692654716605436_n.jpg?stp=dst-jpg_s350x350&_nc_cat=105&ccb=1-7&_nc_sid=dd9801&_nc_ohc=Xurdp9k4hgEAX8NE8ZQ&_nc_ht=scontent.xx&edm=ALIZrNsEAAAA&oh=00_AfD9ZdJP-8ovfhCM0jnL8JoMpg3yF29Nzert7KcYvgW97g&oe=64325B0C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/page.php?adapt_container_width=true&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2907ba87d555f%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&container_width=335&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fharavan.official&locale=vi_VN&sdk=joey&show_facepile=true&show_posts=false&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b2d79a3579939f50a9c51c0e9499907b0ed4ad52274c9bffd70bd764102a53c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 1654114361
date: Wed, 05 Apr 2023 13:59:50 GMT
x-fb-trip-id: 686109401
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 03 Mar 2023 07:35:23 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3291824980
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3542424772
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 17793

GET
H2 200 12122825_740319142768787_1875715644858830276_n.png
scontent.fhan2-3.fna.fbcdn.net/v/t1.18169-1/ Frame D3F6 3 KB
3 KB 840ms
310ms Image
image/png 2405:4800:105:4:face:b00c:0:a7
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fhan2-3.fna.fbcdn.net/v/t1.18169-1/12122825_740319142768787_1875715644858830276_n.png?stp=cp0_dst-png_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=751413&_nc_ohc=oJTNckZHDVgAX_rthkX&_nc_ht=scontent.fhan2-3.fna&oh=00_AfC3BbcGO3MptImBEpdtShUxCajvalJkbsYqACiKjDsLJg&oe=6454DCC8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/page.php?adapt_container_width=true&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2907ba87d555f%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&container_width=335&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fharavan.official&locale=vi_VN&sdk=joey&show_facepile=true&show_posts=false&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2405:4800:105:4:face:b00c:0:a7 , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: /
Resource Hash: d2cbd7d75a9592cb77dd6e5cd3e48b46edb98e183c3db615ee08c9ea9a3f0009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 2954597466
date: Wed, 05 Apr 2023 13:59:51 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 16 Oct 2015 03:46:02 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=1760507841
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2148837469
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2750

GET
H3 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame D3F6 3 KB
3 KB 50ms
23ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
x-content-type-options: nosniff
content-md5: iN31dShDArRt9ZikrDb13w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2616
x-fb-rlafr: 0
x-fb-debug: 3pkKIbbEkvXpzbspox/dAhJ4aB5WCxGKNmTO1/Fs6c4QZFWaBekuqjAQOiKYL+ZakCB3eDnwau10B2B7vODAeg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Thu, 28 Mar 2024 03:52:18 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame D3F6 573 B
628 B 48ms
23ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: PdWxn4LDHT2+/IeL+C3AuHmyfTTDtNA3nsgyMTyzcwv9PGBEMC4pSWFn847CTKozF86vgsM1uEMnmqBDxlp0JA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1,i
expires: Fri, 29 Mar 2024 00:31:26 GMT

GET
H2 200 Wtl6tMxz2hH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame D3F6 27 KB
9 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8978
x-fb-rlafr: 0
x-fb-debug: 1uXlWrfplN9Lj3K6bHfMJf22G1xYkhTaVWFGvxemQuo+2BGqvu4I+KmD9B3GdFtOuUkpWfS5beTX7GFe0Ppx6w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 11:05:56 GMT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
123 B 131ms
130ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9ee0368b5cbb8%26domain%3Dbearmonauth.myharavan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbearmonauth.myharavan.com%252Fff8ba26f691cb%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbearmonauth.myharavan.com%2F&event_name=chat_plugin_sdk_facade_load&greeting_dialog_display=hide&is_loaded_by_facade=true&loading_time=214&locale=vi_VN&log_id=5ae9ce20-4bfa-4e00-a3b4-6a57137d919a&page_id=108520260558644&ref=__hrf_w_549923__hrf_rrs_b64_bHM6OmhhcmFzb2NpYWxfbGl2ZWNoYXR8bHU6Omh0dHBzOi8vYmVhcm1vbmF1dGgubXloYXJhdmFuLmNvbS8%3D&request_time=1680703190787&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bearmonauth.myharavan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 13:59:50 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: ydeVgcDCWqypm7HPBWI2boG0FuaKNH5YVGsDLhKfBBXknBp9FxEuJKqtbvvZcSIsRlMu2dbNlZRhYCtKzYS14A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://bearmonauth.myharavan.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 bannerpopup-bkg_15bc9d9a882d42139e18f88ccb427ca9.jpg
file.hstatic.net/1000300454/file/ 31 KB
31 KB 234ms
234ms Image
image/webp 2606:4700:10::ac43:ebf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.hstatic.net/1000300454/file/bannerpopup-bkg_15bc9d9a882d42139e18f88ccb427ca9.jpg
Requested by: Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000696195/1001033798/14/styles.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 192353fb8bc1a9894c936f488b7b0acb3f0f805ffa601b81a663120ec261a876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theme.hstatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 13:59:54 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 0HMJEEUKJBV3C:00001F23
cf-polished: qual=85, origFmt=jpeg, origSize=51804
x-envoy-upstream-service-time: 69
content-disposition: inline; filename="bannerpopup-bkg_15bc9d9a882d42139e18f88ccb427ca9.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31672
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Feb 2020 11:00:08 GMT
server: cloudflare
etag: "c24db7c5b9cc5a25cae57e3de747bd0e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b3250738e0530cc-FRA
expires: Tue, 26 Jul 2022 05:06:14 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:10:55	Name: _GRECAPTCHA Value: 09AHugmmd0GXNSM8GN3kd60owKsDVTi2tTcmUdJWIz4oHoeArXWSw6K3rfRtnoVcwRtgGvLGp_y69YTYugn_fjpZM
bearmonauth.myharavan.com/	1970-01-20 11:27:07	Name: _landing_page Value: %252F
bearmonauth.myharavan.com/	1970-01-20 11:27:07	Name: _orig_referer Value:
bearmonauth.myharavan.com/	1970-01-20 11:27:07	Name: shop_ref Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.harasocial.com
assets.harafunnel.com
bearmonauth.com
bearmonauth.myharavan.com
connect.facebook.net
file.hstatic.net
fonts.googleapis.com
fonts.gstatic.com
hstatic.net
scontent.fhan2-3.fna.fbcdn.net
scontent.xx.fbcdn.net
socialplugin.facebook.net
static.xx.fbcdn.net
stats.hstatic.net
theme.hstatic.net
www.facebook.com
www.google.com
www.gstatic.com
103.154.102.1
2405:4800:105:4:face:b00c:0:a7
2606:4700:10::ac43:ebf
2606:4700:3033::6815:206a
2606:4700:3038::6815:ea26
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed
05f34536a3a5164f433b3fd15064bcd645e362b35e7be049ec5f16e87cbd3296
0b2081076dc85b42ad34b5ddf6d4f95741efc8727da7f044c3b925f08aee4efd
105ca077d5b5a91c7c590a9e2b637489c6782a32c61d5ab7ff7c5356aa8d7fa4
10a60618b0d1d6c9069508100ee09b3f03eff31d5c2b2cdce12224466f131eb6
16ba761512991e942f20ec0881b7f67ba8ba465af63ea9f9b3ff90bc3a23a114
192353fb8bc1a9894c936f488b7b0acb3f0f805ffa601b81a663120ec261a876
19aae15688157b49540a52f9edb81b35037782cc1c93615351e0b7881208a362
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d004c34d4d336590062a24ddf11b592132d9b878c9980c356ef2e12726cf783
1d0e7de3506e65802186212c4485642c73bc3f43495e4ae363dac9908e76f199
2e741e3e6d08ba44b9f033e6105b520106de2300fa686ebd673d91290badd53e
2e881def1372246e024cc6bb1df05dac69e3f1baaa46dcec15770bddd8430e19
2edbe09d1cd71bab5bd2fa94f7b65aced9567cbaa3fc688630a3a4bb5704c674
3ad1818e62b257834de82876fa5603edb96b4cc982b445e4e7f0647302b84c41
3bcdff45d38657e7ae635fdb8bb903d4e1b5a010cf05f39955f6a45c994382c3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40441fdbf624a824049ea6e64719f284b41e670f729d0b0d6251561329e3bdc4
4300f8b2fe7c4584f81acd4797abeab846f74378ef6d7d6420f6e6fe95b2dd9f
4c0af2189c901519861c5b7f3c869d7c0b070d03e52b4a06c9855e6f9f4a7aa5
4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444
4e7e2f155ff8b5f7ca9a40794f08b6dd0e07e4c2cb099ac30ae1d332f67b697c
4f3e2ca21a3e030e50abd661916c10060a26b250d36334f5b31e95d5db57ea35
4f5b3cda30718c74f75bcb0c5deaa01dbfe9cc231fc242b31eee9f8e7cf14fa9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
6704266b2bfce04a8783cfcc06e1d2263474815e1763acca8551fa8fe3cfcc10
6c0f5cc343b8d3bd4358d6d993877e4ef4c6f230ea7f56034ceb32e994b4a4fc
6c75a16412ad0f085ee20703869dc8502ba8500f8eb52677a1a13f264317368c
73c80c38362a57a89af41c341f1eba370351d3f9dd11d5b9314365e8c3e2b75f
758f2b1a9da1d5f90933b7400b10348c65c1d7a86f6408b5e3df43367c76fe11
7f7ec45c9a1aaa3477cc44854b02a337a98f2b2eae4315812ca5ae6a0f70ee5b
854d70c7852b8e06e808bff5840588755ffcdb50934307fc75ef6aa929554032
86900aeefbc320c6bca8ff1142e13053f622a8d5cb2d52cf1fdca66be9fbb134
8731e2e27266b75ed3b9254a22b64cd81f42ff58d21ef5bddc4ebb5a9119e59f
8869e934593472f09a542ff1e1643c188fd850b37591919759113671e5e1ebbb
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
905749f258a2caaa92b915686b2aba91980c08e5684bffda40ea26d52d066250
9369cf7cc91b293dfc4c3064c937d047e9945abeabe914df92aa3b6b3d5b2b40
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96dc8bdbf12f13ee666cc41e04b50457dcccfe4545f31f161d963df0febcd198
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9703f2e536bf78fd684237075833c27d513041955f2e3e61745ae6060dba9cbd
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a044e0275aec72e8e6f87454ab69b553e881ef204ff18e4d2070f3c7e552cfa6
a75a3290dd8f89161f0eac9abb5545bda0002acf471ad88d17209eb15590992d
a91751f1f02d78175e9cd38947d12745be0260d4e39ae65b4cb8565428d8f760
af4de592faf404e27774367e4cf11b055aa6b338d80ee1d50d22f573339875c1
b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7
b2d79a3579939f50a9c51c0e9499907b0ed4ad52274c9bffd70bd764102a53c6
b43559d51a6bd0496894ae4922185439a22c46ae924f282e7240bc25bb76e77a
b8d4438ded1b56de667eecc51028f5242c94b1e3ab73d4e23c11330db7c9a2ba
ca773b15bef0cafa2ecf159fb8ea0c0fe64cec322105b3faa3d5aaf8b5536bf5
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cd07fe3adbe6e3b2ccdb8ca11abc2227f758eb80649610c24ad268efbe046db7
cd45e08105d39663f3f8125b5d7df24e777d51cfd38c41eafb542da7832ce461
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
ce97cedeaa09854c646a537c9c6f6453df08db3a7716c6cf256d92922855f718
cf820fca094620ecf3b9c2464b509ab88c6e908b48268cd6cc845f74443c4a0c
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
d2cbd7d75a9592cb77dd6e5cd3e48b46edb98e183c3db615ee08c9ea9a3f0009
d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7
e286f6dc09bf19f49fa6fcf09a9718915ea7e1e1f087a437dc04dd33c44e3ff9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
e7bab8fd879d6514b69eef1ec2095bc24200c440f3d1196826cc179f2573cc30
f4f893bcb8b1b78aa46acec20afb830e291da6c73855330a32f12a61dce12bfe
f5095656dbf4e6253aed4af0ec4d89e4107b150781131d93e11467a7a39797f3
fd0696ea5d7cd294b7921ddb1b74a7a89de7ff7eedf8cda7ada92ef045004e9f
feb9f79c7a2abfeb0efaec612d88e3d6c7760b2426c259ea6fa531dc4dccb320

bearmonauth.myharavan.com Open in urlscan Pro 103.154.102.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

99 %HTTPS

92 %IPv6

11 Domains

18 Subdomains

12 IPs

3 Countries

2333 kBTransfer

5090 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bearmonauth.myharavan.com Open in urlscan Pro
103.154.102.1 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

99 %
HTTPS

92 %
IPv6

11
Domains

18
Subdomains

12
IPs

3
Countries

2333 kB
Transfer

5090 kB
Size

4
Cookies

93 HTTP transactions
1 data transactions