raovat.4umer.com Open in urlscan Pro
178.33.44.177 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://raovat.4umer.com/t159447-topic
Submission: On October 30 via manual (October 30th 2019, 11:59:08 am UTC) from VN

Summary HTTP 117 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 30 domains to perform 117 HTTP transactions. The main IP is 178.33.44.177, located in France and belongs to OVH, FR. The main domain is raovat.4umer.com.

This is the only time raovat.4umer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	178.33.44.177 178.33.44.177	16276 (OVH) (OVH)
1	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
12	2606:4700:e2:... 2606:4700:e2::ac40:8a18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681b:8de7	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
1	178.33.43.178 178.33.43.178	16276 (OVH) (OVH)
8	2606:4700:30:... 2606:4700:30::6812:3807	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::6818:787c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
9	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::6812:3907	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
10	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
9	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2 6	99.80.15.126 99.80.15.126	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200d:400:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
2	2600:9000:204... 2600:9000:2043:3c00:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200c:d200:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
117	36

8 178.33.44.177 (France) 1 redirects

ASN16276 (OVH, FR)

raovat.4umer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:e2::ac40:8a18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:8de7 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.33.43.178 (France)

ASN16276 (OVH, FR)

raovat.tuoitrevn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:30::6812:3807 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:787c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:3907 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i97.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.51 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.15.126 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:400:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2043:3c00:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:d200:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	illiweb.com illiweb.com	44 KB
11	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	297 KB
10	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	42 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	168 KB
9	viglink.com 2 redirects cdn.viglink.com api.viglink.com	33 KB
9	servimg.com i.servimg.com i97.servimg.com	52 KB
8	4umer.com 1 redirects raovat.4umer.com	165 KB
6	ampproject.org cdn.ampproject.org	136 KB
5	googletagservices.com www.googletagservices.com	102 KB
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com beacon.s-onetag.com	22 KB
4	google.de www.google.de adservice.google.de	1 KB
4	google-analytics.com 1 redirects www.google-analytics.com	35 KB
4	imgur.com i.imgur.com	18 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	googleapis.com fonts.googleapis.com	3 KB
3	criteo.net static.criteo.net	27 KB
2	lijit.com 1 redirects ce.lijit.com	1 KB
2	facebook.net connect.facebook.net	61 KB
2	taboola.com cdn.taboola.com	130 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	dmca.com images.dmca.com	4 KB
2	google.com 1 redirects www.google.com	1 KB
1	facebook.com staticxx.facebook.com
1	criteo.com bidder.criteo.com	145 B
1	hitsk.in hitsk.in	1016 B
1	tuoitrevn.net raovat.tuoitrevn.net	27 KB
1	2img.net 2img.net	38 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	jquery.com code.jquery.com	32 KB
1	rawgit.com cdn.rawgit.com	7 KB
117	30

	Domain	Requested by
12	illiweb.com	raovat.4umer.com code.jquery.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net raovat.4umer.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net raovat.4umer.com
9	fonts.gstatic.com	static.criteo.net raovat.4umer.com
8	i.servimg.com	raovat.4umer.com
8	raovat.4umer.com	1 redirects raovat.4umer.com code.jquery.com
6	api.viglink.com	2 redirects cdn.viglink.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	raovat.4umer.com securepubads.g.doubleclick.net
4	www.google-analytics.com	1 redirects www.googletagmanager.com raovat.4umer.com
4	i.imgur.com	raovat.4umer.com static.criteo.net
3	cdn.viglink.com	raovat.4umer.com
3	b.scorecardresearch.com	1 redirects cdn.taboola.com raovat.4umer.com
3	adservice.google.de	www.googletagservices.com
3	fonts.googleapis.com	raovat.4umer.com code.jquery.com securepubads.g.doubleclick.net
3	static.criteo.net	raovat.4umer.com
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	ce.lijit.com	1 redirects
2	connect.facebook.net	raovat.4umer.com connect.facebook.net
2	cdn.taboola.com	raovat.4umer.com cdn.taboola.com
2	maxcdn.bootstrapcdn.com	raovat.4umer.com
2	images.dmca.com	raovat.4umer.com
2	www.google.com	1 redirects raovat.4umer.com
1	pagead2.googlesyndication.com
1	beacon.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	raovat.4umer.com
1	stats.g.doubleclick.net	1 redirects
1	i97.servimg.com	raovat.4umer.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	hitsk.in	raovat.4umer.com
1	raovat.tuoitrevn.net	raovat.4umer.com
1	2img.net	raovat.4umer.com
1	www.googletagmanager.com	raovat.4umer.com
1	code.jquery.com	raovat.4umer.com
1	cdn.rawgit.com	raovat.4umer.com
117	38

This site contains links to these domains. Also see Links.

Domain
www.forumotion.com
raovat.tuoitrevn.net
hocluat.vn
timthosuakhoa.com
www.nhadatdongnai.co
www.canhointella.com
goo.gl
thokhoahanoi.com
hutbephotvietnam.com
thosuacua.com
www.tuoitrevn.net
www.dmca.com
www.thoang.net
www.forumvi.com
help.forumotion.com

Subject Issuer	Validity	Valid
rawgit.com COMODO RSA Domain Validation Secure Server CA	`2018-12-29` - `2020-01-13`	a year	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
2img.net CloudFlare Inc ECC CA-2	`2019-01-04` - `2020-01-04`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2019-09-18` - `2020-09-17`	a year	crt.sh
sni165043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-28` - `2020-04-05`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://raovat.4umer.com/t159447-topic
Frame ID: 0AEC42197103EB710CCEEE6585930819
Requests: 79 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B86B17FFFDE4E481DDD21CFF0C618A94
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 112F98C47402DE603BE4D57FC6260545
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 31DFD2E87688E291AF1AAA7190F2E32A
Requests: 7 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 8440BB01C227A237A45297CC511D13AA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js
Frame ID: F6F82FFF2F2A3F10F3D765D0FA6D57FF
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Frame ID: 0C3925461B5FBAACCE14AEE77971E157
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Frame ID: 10CE8B5DBDBD1D8DCBE2266A2288C411
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

117
Requests

74 %
HTTPS

67 %
IPv6

30
Domains

38
Subdomains

36
IPs

7
Countries

1556 kB
Transfer

4111 kB
Size

1
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forumotion.com/

Search URL Search Domain Scan URL

URL: http://raovat.tuoitrevn.net/

Search URL Search Domain Scan URL

URL: https://hocluat.vn/
Title: Học luật trực tuyến

Search URL Search Domain Scan URL

URL: https://timthosuakhoa.com/
Title: Tìm Thợ Sửa Khóa

Search URL Search Domain Scan URL

URL: https://www.nhadatdongnai.co/

Search URL Search Domain Scan URL

URL: https://www.canhointella.com/

Search URL Search Domain Scan URL

URL: http://goo.gl/9RaOAl

Search URL Search Domain Scan URL

URL: https://thokhoahanoi.com/
Title: Thợ mở khóa tại nhà 100k

Search URL Search Domain Scan URL

URL: https://hutbephotvietnam.com/
Title: Thuê Hút bể phốt Trọn gói

Search URL Search Domain Scan URL

URL: http://thosuacua.com/
Title: Thợ sửa cửa Phương Đông

Search URL Search Domain Scan URL

URL: https://hocluat.vn/danh-sach-cac-cong-ty-luat-van-phong-luat-su-tai-hai-duong/
Title: Văn phòng luật sư ở Hải Dương

Search URL Search Domain Scan URL

URL: https://hocluat.vn/danh-sach-cac-cong-ty-luat-van-phong-luat-su-tai-hai-phong/
Title: Văn phòng luật sư ở Hải Phòng

Search URL Search Domain Scan URL

URL: http://www.tuoitrevn.net/sitemap.xml
Title: XML Sitemaps Generator

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=1ac35e80-a59b-49c5-8442-8103d887d699&refurl=http://raovat.4umer.com/t159447-topic
Title:

Search URL Search Domain Scan URL

URL: http://www.tuoitrevn.net/
Title: Tuổi trẻ Việt Nam online

Search URL Search Domain Scan URL

URL: http://www.thoang.net/
Title: Thoang Net

Search URL Search Domain Scan URL

URL: http://www.forumvi.com/
Title: Create a forum on Forumotion

Search URL Search Domain Scan URL

URL: https://www.forumvi.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

http://raovat.4umer.com/11971.js HTTP 301
http://raovat.4umer.com/11128.js

Request Chain 41

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 42

http://connect.facebook.net/vi_VN/sdk.js HTTP 307
https://connect.facebook.net/vi_VN/sdk.js

Request Chain 57

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1786104419&t=pageview&_s=1&dl=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&ul=en-us&de=UTF-8&dt=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1393534921&gjid=601719093&cid=69928151.1572436732&tid=UA-144337024-1&_gid=1602952076.1572436732&_r=1&gtm=2ouaa0&z=1207165804 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_gid=1602952076.1572436732&gjid=601719093&_v=j79&z=1207165804 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_v=j79&z=1207165804 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_v=j79&z=1207165804&slf_rd=1&random=3907144891

Request Chain 60

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=149962146&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&utmhid=1786104419&utmr=-&utmp=%2Ft159447-topic&utmht=1572436731835&utmac=UA-87786621-1&utmcc=__utma%3D84484378.69928151.1572436732.1572436732.1572436732.1%3B%2B__utmz%3D84484378.1572436732.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=646960405&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=149962146&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&utmhid=1786104419&utmr=-&utmp=%2Ft159447-topic&utmht=1572436731835&utmac=UA-87786621-1&utmcc=__utma%3D84484378.69928151.1572436732.1572436732.1572436732.1%3B%2B__utmz%3D84484378.1572436732.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=646960405&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 75

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1572436731967&ns_c=UTF-8&cv=3.1&c8=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&c7=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572436731967&ns_c=UTF-8&cv=3.1&c8=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&c7=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&c9=

Request Chain 109

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 110

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=284501e81b47f6d2e68f44a08d01734a HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=284501e81b47f6d2e68f44a08d01734a&dnr=1

117 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request t159447-topic Show response
raovat.4umer.com/ 73 KB
21 KB 167ms
153ms Document
text/html 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

509883d5c1ddb5340d343f304ef51848c6787dada3433153c6cf2cb97315dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: raovat.4umer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 30 Oct 2019 00:00:00 GMT
Last-Modified: Wed, 30 Oct 2019 11:58:51 GMT
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Access-Control-Allow-Origin: *
X-Cache-FS: MISS
Content-Encoding: gzip

GET
H/1.1 200
OK 2-ltr.css
raovat.4umer.com/ 198 KB
68 KB 80ms
66ms Stylesheet
text/css 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/2-ltr.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

031d5c793b10392a1e6e8d5ca80f0b6988bc773a1debb79d277ebed917e92cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Oct 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Length: 68866
X-XSS-Protection: 1
X-Cache-MA: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4rv1.05.css
cdn.rawgit.com/tuoitrevn/forum/master/ 27 KB
7 KB 107ms
75ms Stylesheet
text/css 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/tuoitrevn/forum/master/4rv1.05.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

4895ea123004a86ed0195e733b973aac213b6ef43487b706a3cda470b32d2322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79306
x-cache: EXPIRED
status: 200
vary: Accept-Encoding
rawgit-cache-status: MISS
x-robots-tag: none
content-type: text/css;charset=utf-8
server: NetDNA-cache/2.2
etag: W/"ee459546137da89a2fe14d35b6009495ac32a28bb9a74cc9319b077d6207ee05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 52dd3843fd24dbdb-LHR
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 13ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:2b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-169d5"
Vary: Accept-Encoding
X-HW: 1572436731.dop103.fr8.t,1572436731.cds018.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32772

GET
H2 200 vi.js Show response
illiweb.com/rs3/54/frm/lang/ 69 KB
16 KB 60ms
19ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/54/frm/lang/vi.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92eb11ef280d3b2c4470baec029bd1db7da3a35b6b453183422e25da3b92a087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77680
cf-polished: origSize=71154
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Tue, 29 Oct 2019 14:00:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Wed, 28 Oct 2020 14:24:11 GMT
cache-control: private, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 52dd3843b9c0d715-FRA
cf-bgj: minify

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 53ms
17ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 56afc6a63fa0f0ab9bc9fcd3540807ac1096124e3b91ca8aea1cd27d0aa80ded

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 12:15:40 GMT
server: nginx
etag: W/"5da466ec-15c4f"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 31 Oct 2019 11:58:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 30ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6038afd8284d02f6e1fc06912beff99b1c171a1cfef571bf3f5a3fbc1fd84ab2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
last-modified: Wed, 30 Oct 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28469
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/54/frm/jquery/cookie/ 1011 B
500 B 62ms
21ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/54/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 498507
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-cache-pr: MISS
cf-ray: 52dd3843b9c2d715-FRA
expires: Fri, 23 Oct 2020 17:30:24 GMT

GET
H2 200 tooltipster.js Show response
illiweb.com/rs3/54/frm/mentions/ 17 KB
5 KB 61ms
20ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/54/frm/mentions/tooltipster.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77841
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-cache-pr: HIT
cf-ray: 52dd3843b9c4d715-FRA
expires: Wed, 28 Oct 2020 14:21:30 GMT

GET
H2 200 init.js Show response
illiweb.com/rs3/54/frm/mentions/ 668 B
400 B 56ms
15ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/54/frm/mentions/init.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f54301c324d81a1d069061f8932c853d1ac44fdc77298340743310ec32c4aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77841
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-cache-pr: HIT
cf-ray: 52dd3843b9c5d715-FRA
expires: Wed, 28 Oct 2020 14:21:30 GMT

GET
H2 200 FAToolbar.js Show response
illiweb.com/rs3/54/frm/jquery/toolbar/ 23 KB
5 KB 56ms
16ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/54/frm/jquery/toolbar/FAToolbar.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77841
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-cache-pr: MISS
cf-ray: 52dd3843b9c7d715-FRA
expires: Wed, 28 Oct 2020 14:21:30 GMT

GET
H2 200 tooltipster.css
illiweb.com/rs3/54/frm/mentions/ 6 KB
1 KB 54ms
14ms Stylesheet
text/css 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/54/frm/mentions/tooltipster.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77841
cf-polished: origSize=6667
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
expires: Wed, 28 Oct 2020 14:21:30 GMT
cache-control: private, max-age=31536000
x-cache-pr: HIT
cf-ray: 52dd3843b9bbd715-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 729 B
774 B 29ms
16ms Script
text/javascript 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01b5f6933f173c3ac3c6f4de6c33116dd032e5657c279a383e1638714b2355ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 464
x-xss-protection: 1; mode=block
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H/1.1 200
OK / Show response
raovat.4umer.com/ 168 KB
36 KB 178ms
165ms Script
text/html 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

fbbc929d969034e2fcd28f903fd53a9759a465f213b2490e0a8a8486546b1f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Oct 2019 11:58:51 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: User-Agent
X-Cache-FS: EXPIRED
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1
Expires: Wed, 30 Oct 2019 00:00:00 GMT

GET
H2 200 An5Xcra.png
2img.net/h/i.imgur.com/ 37 KB
38 KB 79ms
24ms Image
image/png 2606:4700:30::681b:8de7
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i.imgur.com/An5Xcra.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:8de7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ccb56e3c58fce6511ad69d71f3a78357043b451270ee13643a32a118899c36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 38276
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Dec 2016 13:13:08 GMT
server: cloudflare
etag: "5867aee4-9584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=315360000
accept-ranges: bytes
cf-ray: 52dd3843de158c92-VIE
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
182 B 15ms
15ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16536
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd3843da02d715-FRA
expires: Thu, 29 Oct 2020 07:23:15 GMT

GET
H2 200 qMsm6Ul.gif
i.imgur.com/ 599 B
889 B 48ms
5ms Image
image/gif 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/qMsm6Ul.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 5b9015044ce252559ccbb0cd794d03c995a50f84884b2019293782fb7fe8874f

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
age: 5453348
x-cache: HIT, HIT
status: 200
content-length: 599
x-served-by: cache-bwi5127-BWI, cache-hhn4021-HHN
last-modified: Tue, 10 Jan 2017 00:45:57 GMT
server: cat factory 1.0
x-timer: S1572436732.669350,VS0,VE0
etag: "52006aa92820afcff6d2236b88332f5c"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H/1.1 200
OK avatar10.png
raovat.tuoitrevn.net/users/3517/21/16/80/avatars/gallery/ 26 KB
27 KB 866ms
62ms Image
image/png 178.33.43.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://raovat.tuoitrevn.net/users/3517/21/16/80/avatars/gallery/avatar10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.43.178 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

690a9c5e2ba9f5cfb4bb225bf84b658d899b75825472da0851845edb636463dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 02 Jan 2017 05:24:04 GMT
ETag: "5869e3f4-692c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 26924
X-XSS-Protection: 1
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_www.gif
illiweb.com/fa/subsilver/ 733 B
838 B 10ms
9ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/subsilver/icon_www.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02be12aef9119686fd59cb18175cb585e21e46a6aa5ec6b10074e6dd37476eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9760
status: 200
content-length: 733
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd3844dd21d715-FRA
expires: Thu, 29 Oct 2020 09:16:11 GMT

GET
H2 200 default2.gif
illiweb.com/itest/ranks/default/ 1 KB
1 KB 12ms
11ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/itest/ranks/default/default2.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea9767f3e2c171b55a01fd5da2da5ce658ae3f4e3b6c49cee0659bb38237f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22910164
status: 200
content-length: 1176
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd3844dd27d715-FRA
expires: Fri, 07 Feb 2020 08:02:47 GMT

GET
H2 200 icon_n10.gif
i.servimg.com/u/f97/19/54/42/12/ 348 B
450 B 66ms
36ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/icon_n10.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84193816087e802c9209355842e4d99b9dc73cea9179921c8070da4dcc139b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 348
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 19:43:10 GMT
server: cloudflare
etag: "57e828ce-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450eeccbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 page-w10.png
i.servimg.com/u/f18/15/64/85/86/ 618 B
728 B 48ms
19ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f18/15/64/85/86/page-w10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da281a874974bf0c9518ccd03db9c96e1f69bfbb72ad62bee649c400d97e4899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 618
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Jun 2015 04:03:43 GMT
server: cloudflare
etag: "5580f19f-26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450ef2cbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 ti_xui11.png
i.servimg.com/u/f97/19/54/42/12/ 368 B
470 B 49ms
20ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/ti_xui11.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca20cfedac5fd9258f9f8355b713ae92a640b2ebdd2b048182e0b7eafa1a9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 368
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 13:00:59 GMT
server: cloudflare
etag: "57e7ca8b-170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450eefcbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 award-10.png
i.servimg.com/u/f18/19/08/54/77/ 743 B
845 B 48ms
19ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f18/19/08/54/77/award-10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0035ed075d597ffa4dc9deb3f28776a1d13d337daa1f6be413f13cb51f7dd0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 743
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Jun 2015 03:46:13 GMT
server: cloudflare
etag: "5580ed85-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450ef3cbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 nameic12.gif
i.servimg.com/u/f97/19/54/42/12/ 428 B
872 B 48ms
18ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/nameic12.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90e83f9812d4235e44151847751420c1b53a05a31415446dd467c85720f6e143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 428
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 12:48:28 GMT
server: cloudflare
etag: "57e7c79c-1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450ef1cbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 eiopMXR.gif
i.imgur.com/ 224 B
370 B 19ms
6ms Image
image/gif 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/eiopMXR.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 2c7a8b34d05698985a9c135034620a43a47bb11b9701867465b4909327f018a3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
age: 6511858
x-cache: HIT, HIT
status: 200
content-length: 224
x-served-by: cache-bwi5130-BWI, cache-hhn4021-HHN
last-modified: Thu, 03 Sep 2015 04:53:14 GMT
server: cat factory 1.0
x-timer: S1572436732.669429,VS0,VE0
etag: "f302813cec860fbe4bf53bd77f9346d3"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 i_icon_gender_male.gif
hitsk.in/t/13/01/69/ 575 B
1016 B 194ms
19ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/13/01/69/i_icon_gender_male.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

235d503d44efda2814ec2bceae1626390f3c7c8b57bfec42531b927de266758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 575
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 16:39:19 GMT
server: cloudflare
etag: "4cc855b7-23f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd3845fbda59a0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 nameic13.gif
i.servimg.com/u/f97/19/54/42/12/ 426 B
528 B 29ms
19ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/nameic13.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2a88a252ab5dce2170fff4889f744b5a4943b2863b220a96fec7aa9d0bae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 12:51:14 GMT
server: cloudflare
etag: "57e7c842-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450ef5cbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 house-10.gif
i.servimg.com/u/f97/19/01/75/14/ 466 B
569 B 23ms
22ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/01/75/14/house-10.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5384a3023793ef64f078ec77235f40a8cb0fe8aa2dfd04fbbbbaf6e292da18c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 466
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 13:45:43 GMT
server: cloudflare
etag: "57e7d507-1d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450ef6cbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H/1.1 200
OK LrxEstU.png
i.imgur.com/ 9 KB
10 KB 11ms
6ms Image
image/png 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/LrxEstU.png
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 1925534e08e043e86174c5e2e2fa50889e6c773a82fa3ae83d3365a29e2b50c0

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Age: 712815
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 9443
X-Served-By: cache-bwi5135-BWI, cache-hhn4082-HHN
Last-Modified: Thu, 11 Oct 2018 03:48:47 GMT
Server: cat factory 1.0
X-Timer: S1572436732.681326,VS0,VE1
ETag: "f77356488f712a731fb0c3465f17b189"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 lky9lf10.jpg
i.servimg.com/u/f37/19/52/31/91/ 45 KB
45 KB 26ms
24ms Image
image/jpeg 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f37/19/52/31/91/lky9lf10.jpg

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ea9b0f35d57e898e1761b34d5b9d019df3201b0d027908cd02d0656c2960d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6670
status: 200
content-length: 45626
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Jan 2017 05:44:40 GMT
server: cloudflare
etag: "586f2ec8-b23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38450ef7cbc0-VIE
expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H/1.1 200
OK 21489.js Show response
raovat.4umer.com/ 16 KB
6 KB 59ms
59ms Script
application/x-javascript 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/21489.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

166361649cb058cd61e6f87d19a0b47a859deb79a17396c59d8dd9b1c661bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Jul 2017 17:28:09 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Length: 6097
X-XSS-Protection: 1
X-Cache-MA: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dmca_protected_sml_120w.png
images.dmca.com/Badges/ 3 KB
4 KB 7ms
6ms Image
image/png 151.139.242.29
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.dmca.com/Badges/dmca_protected_sml_120w.png?ID=57b6ebc2-7a41-4eae-90fc-44e5f9c3d8d2
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / ASP.NET
Resource Hash: 10dfcb598d3dd6c0f995f34de110a0612d6e68ee3f9928bcbe1f348084f0d9bf

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Server: NetDNA-cache/2.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Link: <http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120w.png>; rel="canonical"
Content-Length: 3173
Expires: Fri, 29 Nov 2019 11:58:51 GMT

GET
H/1.1 200
OK DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
789 B 12ms
6ms Script
application/javascript 151.139.242.29
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:14:34 GMT
Server: NetDNA-cache/2.2
X-Powered-By: ASP.NET
ETag: "26b181f16d28d51:0"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
Content-Length: 280
Expires: Fri, 29 Nov 2019 11:58:44 GMT

GET
H/1.1

200
OK

11128.js Show response
raovat.4umer.com/
Redirect Chain

http://raovat.4umer.com/11971.js
http://raovat.4umer.com/11128.js

52 KB
14 KB

39ms
39ms

Script
application/x-javascript

178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/11128.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

0760bb6abffd75a3316d0416c3240161e058e1b9fb5a91db8966b5adf443112a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Aug 2019 16:28:48 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Length: 13550
X-XSS-Protection: 1
X-Cache-MA: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: http://raovat.4umer.com/11128.js
Date: Wed, 30 Oct 2019 11:58:51 GMT
Cache-Control: max-age=315360000
Content-Length: 0
X-Cache-MA: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 33735.js Show response
raovat.4umer.com/ 10 KB
4 KB 51ms
51ms Script
application/x-javascript 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/33735.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

f2b57c5797018dd0ef9c1c8386ef46d1d27c13ea0615617ffd6e7012074e6948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Apr 2019 12:52:15 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Length: 3960
X-XSS-Protection: 1
X-Cache-MA: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 13ms
6ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:35:20 GMT
Connection: Keep-Alive
ETag: "1544639720"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 7050

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1002 B 29ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2c459af038b187354a6342ef343b41451f024d3791bb4456c68d998ed9027ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 30 Oct 2019 11:58:51 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 30 Oct 2019 11:58:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 282
date: Wed, 30 Oct 2019 11:54:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 30 Oct 2019 13:54:09 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forforumotion-vi/ 64 KB
18 KB 111ms
105ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aec051bba73f01b746a95098b44c731767e0ba88459bc5eac1fadc3a109d2297

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: scgnzAKpg_PnWZ9VNWb22nl0pPP6Lw2v
Content-Encoding: gzip
ETag: "5e1d5e0611b7bec72c3662ab518c3314"
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 17612
x-amz-id-2: WvLV6Docq1Vm+Jo/BcV6SnPUkx0aI5eurbfnRMPbHzoacUyjex5DNBVkZORX+yRYCIaM12oXpVQ=
X-Served-By: cache-hhn4033-HHN
Last-Modified: Tue, 29 Oct 2019 16:52:05 GMT
Server: AmazonS3
X-Timer: S1572436732.696210,VS0,VE100
Date: Wed, 30 Oct 2019 11:58:51 GMT
Vary: Accept-Encoding
x-amz-request-id: 8133D09308C728EA
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 37
X-Cache-Hits: 1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 47ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=75&profileId=206&cb=13840541307
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Wed, 30 Oct 2019 11:58:51 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://raovat.4umer.com
timing-allow-origin: *
vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/66WEle60vY1w2WveBS-1ZMFs/ 253 KB
91 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/66WEle60vY1w2WveBS-1ZMFs/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

00570a386fed559fd7bbcad054d52593bb310726207f7e133d14e831a2f8d97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 28 Oct 2019 17:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Oct 2019 04:04:39 GMT
server: sffe
age: 151731
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92505
x-xss-protection: 0
expires: Tue, 27 Oct 2020 17:50:00 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3101
date: Wed, 30 Oct 2019 11:07:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Wed, 30 Oct 2019 13:07:10 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2

200

sdk.js Show response
connect.facebook.net/vi_VN/
Redirect Chain

http://connect.facebook.net/vi_VN/sdk.js
https://connect.facebook.net/vi_VN/sdk.js

3 KB
2 KB

19ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

a74c20ab0f6e8cb85b6de9aae78b5644285337e4800ec07d3899084af31efcf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: H5s3vWwTeLX1YoJVgwG3cw==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 1780
etag: "664f8bd1dc419aafd8a4925861df8026"
x-fb-debug: lkegNiG0BNdEe8z9nZsHUJ2Rgx7GRTw3HksjZHddFniAGqYMKf8vgXAfJpQJOIgCHh14PjvFENr91lIdmKKotA==
x-fb-trip-id: 1850256238
x-fb-content-md5: cd86eba8d229ef57f3ac3a068408df7f
x-frame-options: DENY
date: Wed, 30 Oct 2019 11:58:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Oct 2019 12:08:21 GMT

Redirect headers

Location: https://connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason: HSTS

GET
H2 200 jOYlpgu.gif
i.imgur.com/ 7 KB
7 KB 5ms
5ms Image
image/gif 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/jOYlpgu.gif
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: b844a2bb8061f0b3382e300f63fb07d62a08cca0d9eceb0c995ddc2b118fc062

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
age: 2779132
x-cache: HIT, HIT
status: 200
content-length: 6742
x-served-by: cache-bwi5126-BWI, cache-hhn4021-HHN
last-modified: Sun, 18 Dec 2016 03:25:11 GMT
server: cat factory 1.0
x-timer: S1572436732.670618,VS0,VE0
etag: "cd76b72c9113ceddde33e39a44af1fa4"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 25ms
12ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:08:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3051
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Thu, 29 Oct 2020 11:08:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 21ms
10ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 03:03:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 32143
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7924
x-xss-protection: 0
expires: Thu, 29 Oct 2020 03:03:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 16ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 13:03:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:46 GMT
server: sffe
age: 1637723
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8024
x-xss-protection: 0
expires: Sat, 10 Oct 2020 13:03:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 14:50:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1631305
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Sat, 10 Oct 2020 14:50:26 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 24 Oct 2020 11:58:51 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 24 Oct 2020 11:58:51 GMT

GET
H/1.1 200
OK logos12.png
i97.servimg.com/u/f97/18/91/53/88/ 2 KB
3 KB 46ms
20ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i97.servimg.com/u/f97/18/91/53/88/logos12.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

HTTP/1.1

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6d42f3670bd140d05899fd0bc6161882da3f9fb4173f241148836279fa5477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 6670
Connection: keep-alive
Content-Length: 2148
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 28 Sep 2016 12:33:52 GMT
Server: cloudflare
ETag: "57ebb8b0-864"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 52dd38453c9b8c6e-VIE
Expires: Thu, 29 Oct 2020 10:07:41 GMT

GET
H2 200 icon_user_online_en.png
illiweb.com/fa/prosilver/ 354 B
492 B 9ms
9ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/icon_user_online_en.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afdf47418c7cc1acb6a43bf303ce2928e43f4a4269db313e55319374750ab3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 102519
status: 200
content-length: 354
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:00:38 GMT
server: cloudflare
etag: "5739a856-162"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd3844fd79d715-FRA
expires: Wed, 28 Oct 2020 07:30:12 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 13ms
6ms Font
font/woff2 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://raovat.4umer.com

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:36:18 GMT
Connection: Keep-Alive
ETag: "1544639778"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff2
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 77171

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 12:53:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1811123
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0
expires: Thu, 08 Oct 2020 12:53:28 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B86B 46 KB
15 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

77dec1d473dfac77dc01d6c569957a00f7b815b018d32569f62b31be48bef014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "321 / 619 of 1000 / last-modified: 1572373742"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14863
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 03:04:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:45 GMT
server: sffe
age: 32053
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3384
x-xss-protection: 0
expires: Thu, 29 Oct 2020 03:04:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 3 KB
3 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 19:48:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 1613442
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3352
x-xss-protection: 0
expires: Sat, 10 Oct 2020 19:48:09 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1786104419&t=pageview&_s=1&dl=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&ul=en-us&de=UTF-8&dt=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_gid=1602952076.1572436732&gjid=601719093&_v=j79&z=1207165804
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_v=j79&z=1207165804
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_v=j79&z=1207165804&slf_rd=1&random=3907144891

42 B
434 B

42ms
29ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_v=j79&z=1207165804&slf_rd=1&random=3907144891

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 11:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=69928151.1572436732&jid=1393534921&_v=j79&z=1207165804&slf_rd=1&random=3907144891
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 112F 46 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

77dec1d473dfac77dc01d6c569957a00f7b815b018d32569f62b31be48bef014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "321 / 969 of 1000 / last-modified: 1572373742"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14863
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 31DF 46 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

77dec1d473dfac77dc01d6c569957a00f7b815b018d32569f62b31be48bef014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "321 / 159 of 1000 / last-modified: 1572373742"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14863
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=149962146&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Di%E1...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=149962146&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Di%E...

35 B
101 B

14ms
14ms

Image
image/gif

2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=149962146&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&utmhid=1786104419&utmr=-&utmp=%2Ft159447-topic&utmht=1572436731835&utmac=UA-87786621-1&utmcc=__utma%3D84484378.69928151.1572436732.1572436732.1572436732.1%3B%2B__utmz%3D84484378.1572436732.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=646960405&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=149962146&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&utmhid=1786104419&utmr=-&utmp=%2Ft159447-topic&utmht=1572436731835&utmac=UA-87786621-1&utmcc=__utma%3D84484378.69928151.1572436732.1572436732.1572436732.1%3B%2B__utmz%3D84484378.1572436732.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=646960405&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 pubads_impl_2019102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B86B 156 KB
58 KB 53ms
38ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

b40c3274538f0155c83d1a9e4d3a68d94d61425a71cddee3ffd7d38a99465733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 13:07:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58552
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame B86B 113 B
660 B 29ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK impl.20191029-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 394 KB
112 KB 5ms
5ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20191029-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d9d83e218b77ec50f10293adbdff01bd7e83d3cd2bf70e2aa8507e10c13c670

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: oqzTk5TzkkAFpXSKm23dNWim1fJzP_TN
Content-Encoding: gzip
ETag: "75d01218be23267ee0720ca0b0cdec27"
Age: 23
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 114004
x-amz-id-2: SN3Pe5+tu4sPApzFZj+jIurM89NzXNWoi/3U69z7c2RiprJHoNpjhZTeSxJc/FwEJ74LhJV+jBI=
X-Served-By: cache-hhn4033-HHN
Last-Modified: Tue, 29 Oct 2019 12:58:47 GMT
Server: AmazonS3
X-Timer: S1572436732.881707,VS0,VE0
Date: Wed, 30 Oct 2019 11:58:51 GMT
Vary: Accept-Encoding
x-amz-request-id: 075552A7C5379C91
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 5
X-Cache-Hits: 212

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 13ms
6ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Thu, 31 Oct 2019 11:58:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 192 KB
58 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=8b69b1fc0a1d991f6931c52925af22a1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1d9d080cc4c4b62d5c3dc6dd836df30bb4ea5fa5b4ee839fdba59256f525ec69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t159447-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Bop9XUWsTBPWDE4RXrFAVA==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 59124
etag: "6d70f844e30c7dd1cb866e1cb76dc90f"
x-fb-debug: L0imfZ4KrOxB5dtmm7KmY9tQRDU+FLglSzsdadcQ2El/fychAkf5PGGhDIhjeMWK6gOXil76CCayRflYWCxMTQ==
x-fb-trip-id: 1850256238
x-fb-content-md5: 6544eef793a65a1c9aa82fdd6b545808
x-frame-options: DENY
date: Wed, 30 Oct 2019 11:58:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 29 Oct 2020 09:19:36 GMT

GET
H2 200 pubads_impl_2019102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 112F 156 KB
57 KB 40ms
39ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

b40c3274538f0155c83d1a9e4d3a68d94d61425a71cddee3ffd7d38a99465733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 13:07:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58552
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 112F 113 B
175 B 19ms
19ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 31DF 156 KB
57 KB 42ms
42ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

b40c3274538f0155c83d1a9e4d3a68d94d61425a71cddee3ffd7d38a99465733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 13:07:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58552
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 31DF 113 B
175 B 17ms
16ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Oct 2019 11:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK h5- Show response
raovat.4umer.com/ 52 KB
16 KB 122ms
121ms XHR
text/html 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/h5-?_=1572436731577

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

bf63f5f254303ce6a89985763e3c1d1315b2950eacd9b81a6bb327cd4093ed01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://raovat.4umer.com/t159447-topic
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Oct 2019 11:58:51 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: User-Agent
X-Cache-FS: MISS
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1
Expires: Wed, 30 Oct 2019 00:00:00 GMT

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 35ms
23ms Script
text/javascript 2606:4700::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f2b47a2e8017f8387d34806efc5c3643954171cc9cb38e4b1f583a42aaeaa1

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 747900
CF-RAY: 52dd38467e1b5994-VIE
Connection: keep-alive
Content-Length: 27746
x-amz-id-2: BvWrCx4ENVEyTFkdGWO8b32fWif/t7+zUKoO3CKE7/ujB7loTjoMGO95lPtYYPtLNI1PNB7+82U=
Last-Modified: Mon, 21 Oct 2019 20:13:23 GMT
Server: cloudflare
ETag: "df893ab92782cedac4da4785df9ec68e"
Vary: Accept-Encoding
x-amz-request-id: 0FCA203CD776EAD5
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Wed, 30 Oct 2019 12:28:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
882 B 31ms
16ms Font
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t159447-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 30 Oct 2019 11:58:51 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 30 Oct 2019 11:58:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:51 GMT

GET
H2 200 toolbar.png
illiweb.com/fa/i/toolbar/ 11 KB
11 KB 11ms
10ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/i/toolbar/toolbar.png

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22064589
status: 200
content-length: 11066
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:44 GMT
server: cloudflare
etag: "57398624-2b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38469a6cd715-FRA
expires: Mon, 17 Feb 2020 02:55:42 GMT

GET
H2 200 pa0.png
illiweb.com/fa/i/toolbar/ 1 KB
1 KB 10ms
9ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/i/toolbar/pa0.png

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21782965
status: 200
content-length: 1087
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:43 GMT
server: cloudflare
etag: "57398623-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cf-ray: 52dd38469a72d715-FRA
expires: Thu, 20 Feb 2020 09:09:26 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1572436731967&ns_c=UTF-8&cv=3.1&c8=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572436731967&ns_c=UTF-8&cv=3.1&c8=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA...

0
248 B

6ms
6ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572436731967&ns_c=UTF-8&cv=3.1&c8=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&c7=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&c9=
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1572436731967&ns_c=UTF-8&cv=3.1&c8=Di%E1%BB%85n%20%C4%91%C3%A0n%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%3A%20Ti%E1%BA%BFn%20L%E1%BB%99c%20Garden&c7=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&c9=
Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B86B 43 KB
11 KB 264ms
264ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4114316021617425&correlator=2675714061531328&output=ldjh&impl=fif&eid=21064823%2C21062819%2C21065018%2C370204026&vrg=2019102401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191030&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1572436732&dt=1572436732024&dlt=1572436731739&idt=273&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=262&adk=442451065&uci=xn8xnt9g75v3&ifi=1&ifk=670705837&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=876806753.1572436732&ga_sid=1572436732&ga_hid=2086766920&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

6776ff45a21faff4d524c5c74735bf4e713e9274acbf6ed335bb9f84c89892e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10583
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B86B 64 KB
25 KB 38ms
38ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9c14e216c7aed649a11d2b47f8c6cf9f586ba7f426132ead03c4061b054ffcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 13:07:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24997
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame B86B 0
0 19ms
8ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 31DF 69 KB
20 KB 300ms
299ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1021153410846627&correlator=12385304245137&output=ldjh&impl=fif&eid=21062888%2C21065018&vrg=2019102401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191030&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1572436732&dt=1572436732037&dlt=1572436731800&idt=233&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=825&ady=1655&adk=3480591353&uci=hyr9z5m9p8kd&ifi=1&ifk=1743421349&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=39684017.1572436732&ga_sid=1572436732&ga_hid=682754260&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ba30af7b49758d42799345c9a432e2fb8209de1eb9613c82ef2c7bca640e6911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20203
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 31DF 64 KB
24 KB 39ms
39ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9c14e216c7aed649a11d2b47f8c6cf9f586ba7f426132ead03c4061b054ffcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 13:07:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24997
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 31DF 0
0 9ms
7ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 112F 69 KB
20 KB 286ms
285ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3472376248348935&correlator=3587278973023315&output=ldjh&impl=fifs&eid=21062818%2C21062832%2C21063205%2C21063636%2C21064679%2C21065017&vrg=2019102401&guci=1.2.0.0.2.2.0.0&plat=1%3A268435456%2C2%3A268435456%2C8%3A268435456&sc=0&sfv=1-0-36&ecs=20191030&iu_parts=1150267%2CEtoxicSarl_2019_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1572436732&dt=1572436732047&dlt=1572436731796&idt=245&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=461&adys=1655&adks=3480591353&ucis=g5yvl31brmkg&ifi=1&ifk=1743421349&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft159447-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1282939652.1572436732&ga_sid=1572436732&ga_hid=2110404961&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

63bc5e4c3d7b24e70be9c1633b3af4cebee618b084257d34f129fc40c4070e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20300
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019102401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 112F 64 KB
24 KB 39ms
39ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9c14e216c7aed649a11d2b47f8c6cf9f586ba7f426132ead03c4061b054ffcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 13:07:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24997
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 112F 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
693 B 22ms
22ms Image
image/gif 2606:4700::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.644977823126657
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:52 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 5
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 52dd38477e945994-VIE
x-amz-request-id: 8D4FAEC87454B7B3
x-amz-id-2: pUIcNHuEITwITJAFv0zf1eMWqWeJVfzBeFeZF51cZGt5vvArCq3oVjQ/5N6crQW0Hv3Wnj02BRA=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
693 B 36ms
24ms Image
image/gif 2606:4700::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.644977823126657
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:58:52 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 5
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 52dd38478af3cba8-VIE
x-amz-request-id: 8D4FAEC87454B7B3
x-amz-id-2: pUIcNHuEITwITJAFv0zf1eMWqWeJVfzBeFeZF51cZGt5vvArCq3oVjQ/5N6crQW0Hv3Wnj02BRA=

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 8440 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=8b69b1fc0a1d991f6931c52925af22a1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://raovat.4umer.com/t159447-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t159447-topic

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 27 Oct 2020 19:51:25 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: fCRD+jT/ZJDYTY7TlOUZlXipZzKPx2PKhmsGnWlXjnLTmw3qIYgZXYVe97OLYKSfiZKtgWaXeWTV/KEwRgCeIQ==
content-length: 12386
x-fb-trip-id: 1850256238
date: Wed, 30 Oct 2019 11:58:52 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011910071804120/ Frame B86B 20 KB
8 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8055b71507df36a9a9d807b0799d9c26533101139e1078ea222897c02ad854c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c4c4a08298eb0376"
age: 115357
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7118
x-xss-protection: 0
server: sffe
date: Tue, 29 Oct 2019 03:56:15 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 28 Oct 2020 03:56:15 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910071804120/ Frame F6F8 251 KB
68 KB 40ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd062566471fa91604aee574ff8f6e78e80bd20b01f5e080adb0ac61680f94

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "6fedf66162310d96"
age: 1005338
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 69642
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 20:43:14 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 20:43:14 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame F6F8 15 KB
5 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c60edb9309111bee384d6ffc1489c561dcfc5914258d7391c31cc791a5ff3bae

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "69ef865e4a44af94"
age: 31338
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5404
x-xss-protection: 0
server: sffe
date: Wed, 30 Oct 2019 03:16:34 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 29 Oct 2020 03:16:34 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame F6F8 150 KB
40 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "8beba9134cdf5c44"
age: 1005349
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40847
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 20:43:03 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 20:43:03 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame F6F8 3 KB
1 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e13a6f33e8d69a0db071dcbb72beef2aac18e6dc5e8a5326c1c591125cfdcfd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "3226643f98951748"
age: 1005327
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1391
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 20:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 20:43:25 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame F6F8 43 KB
14 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

00bbf9e44fba158ed3dab35e591f50ce0045974527564b2ff1e0eaf850472842

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "1bf4e02a805809e1"
age: 3054
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13885
x-xss-protection: 0
server: sffe
date: Wed, 30 Oct 2019 11:07:58 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 29 Oct 2020 11:07:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F6F8 7 KB
726 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2c459af038b187354a6342ef343b41451f024d3791bb4456c68d998ed9027ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 30 Oct 2019 11:58:52 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 30 Oct 2019 11:58:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:52 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/13289292108224519430/ Frame F6F8 35 KB
35 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13289292108224519430/6592766407814317453

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0bc4420f1af787a1511f43f418d4a4004789468e17c4b723d990d0eb28ec62ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 22:02:27 GMT
x-content-type-options: nosniff
age: 1778185
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35927
x-xss-protection: 0
last-modified: Fri, 17 May 2019 00:35:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Oct 2020 22:02:27 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6074693317935729649/ Frame F6F8 2 KB
3 KB 12ms
12ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6074693317935729649/downsize_200k_v1?w=100&h=100

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d27cf2ee5bc25bd7ecd292c38236d692c96cfa466eff13aeff63741de7abfb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 29 Oct 2019 03:40:09 GMT
x-content-type-options: nosniff
age: 116323
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2454
x-xss-protection: 0
last-modified: Wed, 08 Aug 2018 13:19:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Oct 2020 03:40:09 GMT

GET
DATA 200
OK truncated
/ Frame F6F8 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F6F8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f56582e00ab8b3956004410ee962ab44481abc0597b2a357714dd641c1af28b4

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F6F8 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Oct 2019 03:15:32 GMT
x-content-type-options: nosniff
server: cafe
age: 31400
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Thu, 31 Oct 2019 03:15:32 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F6F8 344 B
563 B 9ms
9ms Image
image/png 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Oct 2019 11:35:24 GMT
x-content-type-options: nosniff
server: cafe
age: 1408
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 31 Oct 2019 11:35:24 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F6F8 0
0 20ms
20ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkMrI_Hq5XemKBMyCgQeQqZLoDqmihvlZ4-3Uy94HloLNhYgWEAEg2ZXEImCVAqABhryw4wPIAQmpAowz4PLGpbI-4AIAqAMByAMKqgTcAU_Q_ZjCmqzHgoFZ5ZG035_v4CADQZVsPsIfphOL38IePHnZ6Gs6wqZDQwvYaH2MGc0jgEdD3yJ5QTluO15CmLY-VdNIn-pNSgviUlyoFL579gRi-xZPKLnKoW3cLDz7HRpFYUArRPvi98Aw0wjXHbnj9Rzf-jWgUHvusA2GMcsC3hQbSFt7JGEjJPtDIa79c1gGxeCAH5BFMyCu1gCp6zQJW2bntUyBZ6h9bMdDcEeYYqlilIgf85JIOH5t-dHxCN2CAZJaGjR5ckyWgA5qnGBjV7EobtjEAOL3nrDABMSqw_3rAeAEAZIFBAgEGAGSBQQIBRgEoAYugAfiw88cqAeOzhuoB9XJG6gHk9gbqAe6BqgH2csbqAfPzBuoB6a-G9gHAPIHBBDusAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4NTg3MDQ1NzkxMzYzOTaACgPYEwyIFAI&sigh=y6OsW5M0hyI&template_id=484&tpd=AGWhJmtIVaRA1zDSDZLBSsmFYsPfMEZFr7D540Oyzr6989WdFg
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F6F8 11 KB
11 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 14:50:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1631306
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Sat, 10 Oct 2020 14:50:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F6F8 11 KB
11 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t159447-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 12:53:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1811124
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0
expires: Thu, 08 Oct 2020 12:53:28 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 0C39 0
0 8ms
7ms Document
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-36/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://raovat.4umer.com/t159447-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t159447-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3516
date: Tue, 29 Oct 2019 03:37:51 GMT
expires: Wed, 28 Oct 2020 03:37:51 GMT
last-modified: Wed, 16 Oct 2019 15:42:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 116461
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 112F 78 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6d8a5ed8cd222b5015f6186e2b564e91c468a9b6c8e257ae57fe350df94e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1572261520730478"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29331
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 10CE 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-36/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://raovat.4umer.com/t159447-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t159447-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3516
date: Tue, 29 Oct 2019 03:37:51 GMT
expires: Wed, 28 Oct 2020 03:37:51 GMT
last-modified: Wed, 16 Oct 2019 15:42:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 116461
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31DF 78 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019102401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6d8a5ed8cd222b5015f6186e2b564e91c468a9b6c8e257ae57fe350df94e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1572261520730478"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29331
x-xss-protection: 0
expires: Wed, 30 Oct 2019 11:58:52 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 340 B
1022 B 80ms
38ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: fa8f3a3eddb4d3374a4f7acf5865a3ae7997a46999cddde4865a27acad4f8f15

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 340
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tag.min.js Show response
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

43 KB
14 KB

43ms
6ms

Script
text/javascript

2600:9000:200d:400:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Server: 2600:9000:200d:400:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 06 Sep 2019 22:23:21 GMT
Server: AmazonS3
Age: 644
Date: Wed, 30 Oct 2019 11:48:08 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 7f0216233154388a0ffe191ece5a7b12.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50
X-Amz-Cf-Id: Nst3qdDzIWnyr5zze7yS6r6lIj7j76WTjj7MetSWSCgftHslSR-LZA==

Redirect headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
http://ce.lijit.com/merge?pid=8008&3pid=284501e81b47f6d2e68f44a08d01734a
http://ce.lijit.com/merge?pid=8008&3pid=284501e81b47f6d2e68f44a08d01734a&dnr=1

43 B
586 B

15ms
15ms

Image
image/gif

216.52.2.19
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ce.lijit.com/merge?pid=8008&3pid=284501e81b47f6d2e68f44a08d01734a&dnr=1
Protocol: HTTP/1.1
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Content-Length: 43
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://ce.lijit.com/merge?pid=8008&3pid=284501e81b47f6d2e68f44a08d01734a&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 55 B
502 B 52ms
31ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 13d1de7c2b2d05b6e7c0eddd26dc2f50b0c97d963c3062f898af8b56ea4ba369

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 55
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 117 B
565 B 57ms
33ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 850e68bc48c89e40ae1c8adea7de84dc97844cb2f3f7995cf2f5c620d55f507a

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 117
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 31ms
31ms XHR
text/html 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 11:58:52 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
588 B 30ms
11ms XHR
application/json 2600:9000:2043:3c00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Server: 2600:9000:2043:3c00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:45:31 GMT
Via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront), 1.1 b7e7cd319ec31b533acb1e9e4b737331.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2, FRA54
x-amzn-RequestId: e45faf57-31d6-4ff8-abe0-5a36598ae020
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: CX-qQEdDyK4FqKA=
Content-Length: 23
X-Amz-Cf-Id: T9zH9VuNFtCd0LG61v24dOZhn7mn0rZl7PZ1gl51_TyXxoC-xmoIWA==

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 47ms
7ms Script
application/javascript 2600:9000:200c:d200:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:d200:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 09:35:05 GMT
server: AmazonS3
age: 2740
date: Wed, 30 Oct 2019 11:13:13 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2
x-amz-cf-id: dQD__ksKWSQi8BmBM6qiIA5ZNo2-5bmmeSDVHihMFo2wPjvOzjqDeQ==
via: 1.1 a0ca759832376930b4e288cce8d0a079.cloudfront.net (CloudFront)

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F6F8 42 B
600 B 30ms
17ms Image
image/gif 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrKufWSDEupnKdIfEfFxgOLIF5nEF-f1ojDEfQCkLe-8Wk4ZTAVaW7CsVhmLBznIXXZsfMFPyh5xTMzqQT7UGr37NeO3x0e1FrNPMIGuZHyUJ5C7GYgb46mfohKA&sai=AMfl-YSJ5dLbXI3dfyicyh_Ay0c-7y0is2B3v6UaQV-AMv0eTe4CwsdU4ANapgh6JjnyeEnp94L_IYaXNDrzEE2vFuJgHHy6jFFA9-zdSD3x&sig=Cg0ArKJSzNSW_TSA2t9MEAE&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=205&tls=1205&g=100&h=100&pt=306&tt=1205&rpt=306&rst=1572436732303&r=v&adk=442451065&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 11:58:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
588 B 11ms
10ms XHR
application/json 2600:9000:2043:3c00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: HTTP/1.1
Server: 2600:9000:2043:3c00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://raovat.4umer.com/t159447-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 11:45:31 GMT
Via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront), 1.1 b7e7cd319ec31b533acb1e9e4b737331.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2, FRA54
x-amzn-RequestId: e45faf57-31d6-4ff8-abe0-5a36598ae020
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: CX-qQEdDyK4FqKA=
Content-Length: 23
X-Amz-Cf-Id: LRMxBWsPP7d2sj-mY8tMWlxtVWj27B_JAYIN1EacyxlmYZywr4mUgg==

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.4umer.com/	1970-01-19 22:18:28	Name: __gads Value: ID=25f0ed5cf205bb59:T=1572436732:S=ALNI_MbokgD8Id0rAwhSS0UrczJEGKJXfg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://raovat.4umer.com/t159447-topic(Line 23) Message: {"w":1600,"h":1200}
console-api	log	URL: http://raovat.4umer.com/t159447-topic(Line 188) Message: Failed to register service worker.
console-api	info	URL: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js(Line 529) Message: Powered by AMP ⚡ HTML – Version 1910071804120 http://raovat.4umer.com/t159447-topic

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
adservice.google.de
api.viglink.com
b.scorecardresearch.com
beacon.s-onetag.com
bidder.criteo.com
cdn.ampproject.org
cdn.rawgit.com
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
hitsk.in
i.imgur.com
i.servimg.com
i97.servimg.com
illiweb.com
images.dmca.com
maxcdn.bootstrapcdn.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
raovat.4umer.com
raovat.tuoitrevn.net
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
151.101.112.193
151.101.114.2
151.139.237.11
151.139.242.29
172.217.16.130
178.250.0.130
178.250.0.165
178.33.43.178
178.33.44.177
2.16.186.51
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3a
216.52.2.19
2600:9000:200c:d200:5:9a4c:9b00:93a1
2600:9000:200d:400:1f:287:d20a:ce1
2600:9000:2043:3c00:5:ae3a:ba00:93a1
2606:4700:30::6812:3807
2606:4700:30::6812:3907
2606:4700:30::6818:787c
2606:4700:30::681b:8de7
2606:4700::6810:a40d
2606:4700:e2::ac40:8a18
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2001
2a00:1450:4001:815::2003
2a00:1450:4001:818::2002
2a00:1450:4001:818::2003
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2001
2a00:1450:4001:824::200a
2a00:1450:400c:c0b::9c
2a03:2880:f01c:8012:face:b00c:0:3
99.80.15.126
0035ed075d597ffa4dc9deb3f28776a1d13d337daa1f6be413f13cb51f7dd0fb
00570a386fed559fd7bbcad054d52593bb310726207f7e133d14e831a2f8d97e
00bbf9e44fba158ed3dab35e591f50ce0045974527564b2ff1e0eaf850472842
01b5f6933f173c3ac3c6f4de6c33116dd032e5657c279a383e1638714b2355ad
02be12aef9119686fd59cb18175cb585e21e46a6aa5ec6b10074e6dd37476eef
031d5c793b10392a1e6e8d5ca80f0b6988bc773a1debb79d277ebed917e92cbe
06f2b47a2e8017f8387d34806efc5c3643954171cc9cb38e4b1f583a42aaeaa1
075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57
0760bb6abffd75a3316d0416c3240161e058e1b9fb5a91db8966b5adf443112a
0bc4420f1af787a1511f43f418d4a4004789468e17c4b723d990d0eb28ec62ec
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10dfcb598d3dd6c0f995f34de110a0612d6e68ee3f9928bcbe1f348084f0d9bf
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13d1de7c2b2d05b6e7c0eddd26dc2f50b0c97d963c3062f898af8b56ea4ba369
166361649cb058cd61e6f87d19a0b47a859deb79a17396c59d8dd9b1c661bc9f
1925534e08e043e86174c5e2e2fa50889e6c773a82fa3ae83d3365a29e2b50c0
1ccb56e3c58fce6511ad69d71f3a78357043b451270ee13643a32a118899c36c
1d9d080cc4c4b62d5c3dc6dd836df30bb4ea5fa5b4ee839fdba59256f525ec69
20ea9b0f35d57e898e1761b34d5b9d019df3201b0d027908cd02d0656c2960d1
235d503d44efda2814ec2bceae1626390f3c7c8b57bfec42531b927de266758e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
2c459af038b187354a6342ef343b41451f024d3791bb4456c68d998ed9027ec9
2c7a8b34d05698985a9c135034620a43a47bb11b9701867465b4909327f018a3
3f2a88a252ab5dce2170fff4889f744b5a4943b2863b220a96fec7aa9d0bae71
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
4895ea123004a86ed0195e733b973aac213b6ef43487b706a3cda470b32d2322
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
509883d5c1ddb5340d343f304ef51848c6787dada3433153c6cf2cb97315dd19
5384a3023793ef64f078ec77235f40a8cb0fe8aa2dfd04fbbbbaf6e292da18c2
53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
56afc6a63fa0f0ab9bc9fcd3540807ac1096124e3b91ca8aea1cd27d0aa80ded
5b9015044ce252559ccbb0cd794d03c995a50f84884b2019293782fb7fe8874f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d27cf2ee5bc25bd7ecd292c38236d692c96cfa466eff13aeff63741de7abfb4
6038afd8284d02f6e1fc06912beff99b1c171a1cfef571bf3f5a3fbc1fd84ab2
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
63bc5e4c3d7b24e70be9c1633b3af4cebee618b084257d34f129fc40c4070e95
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
6776ff45a21faff4d524c5c74735bf4e713e9274acbf6ed335bb9f84c89892e9
690a9c5e2ba9f5cfb4bb225bf84b658d899b75825472da0851845edb636463dd
6ca20cfedac5fd9258f9f8355b713ae92a640b2ebdd2b048182e0b7eafa1a9fe
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
77dec1d473dfac77dc01d6c569957a00f7b815b018d32569f62b31be48bef014
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8055b71507df36a9a9d807b0799d9c26533101139e1078ea222897c02ad854c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84193816087e802c9209355842e4d99b9dc73cea9179921c8070da4dcc139b7d
850e68bc48c89e40ae1c8adea7de84dc97844cb2f3f7995cf2f5c620d55f507a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f54301c324d81a1d069061f8932c853d1ac44fdc77298340743310ec32c4aa7
90e83f9812d4235e44151847751420c1b53a05a31415446dd467c85720f6e143
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92eb11ef280d3b2c4470baec029bd1db7da3a35b6b453183422e25da3b92a087
93dd062566471fa91604aee574ff8f6e78e80bd20b01f5e080adb0ac61680f94
9a6d8a5ed8cd222b5015f6186e2b564e91c468a9b6c8e257ae57fe350df94e09
9c14e216c7aed649a11d2b47f8c6cf9f586ba7f426132ead03c4061b054ffcbd
9d9d83e218b77ec50f10293adbdff01bd7e83d3cd2bf70e2aa8507e10c13c670
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a74c20ab0f6e8cb85b6de9aae78b5644285337e4800ec07d3899084af31efcf6
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
aec051bba73f01b746a95098b44c731767e0ba88459bc5eac1fadc3a109d2297
afdf47418c7cc1acb6a43bf303ce2928e43f4a4269db313e55319374750ab3a1
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40c3274538f0155c83d1a9e4d3a68d94d61425a71cddee3ffd7d38a99465733
b844a2bb8061f0b3382e300f63fb07d62a08cca0d9eceb0c995ddc2b118fc062
ba30af7b49758d42799345c9a432e2fb8209de1eb9613c82ef2c7bca640e6911
bf63f5f254303ce6a89985763e3c1d1315b2950eacd9b81a6bb327cd4093ed01
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c60edb9309111bee384d6ffc1489c561dcfc5914258d7391c31cc791a5ff3bae
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
da281a874974bf0c9518ccd03db9c96e1f69bfbb72ad62bee649c400d97e4899
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e13a6f33e8d69a0db071dcbb72beef2aac18e6dc5e8a5326c1c591125cfdcfd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eea9767f3e2c171b55a01fd5da2da5ce658ae3f4e3b6c49cee0659bb38237f6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b57c5797018dd0ef9c1c8386ef46d1d27c13ea0615617ffd6e7012074e6948
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f56582e00ab8b3956004410ee962ab44481abc0597b2a357714dd641c1af28b4
f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc
fa8f3a3eddb4d3374a4f7acf5865a3ae7997a46999cddde4865a27acad4f8f15
fbbc929d969034e2fcd28f903fd53a9759a465f213b2490e0a8a8486546b1f7b
fe6d42f3670bd140d05899fd0bc6161882da3f9fb4173f241148836279fa5477

raovat.4umer.com Open in urlscan Pro 178.33.44.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

117 Requests

74 %HTTPS

67 %IPv6

30 Domains

38 Subdomains

36 IPs

7 Countries

1556 kBTransfer

4111 kBSize

1 Cookies

19 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

raovat.4umer.com Open in urlscan Pro
178.33.44.177 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

74 %
HTTPS

67 %
IPv6

30
Domains

38
Subdomains

36
IPs

7
Countries

1556 kB
Transfer

4111 kB
Size

1
Cookies

117 HTTP transactions
2 data transactions