www.otofun.net Open in urlscan Pro
210.245.88.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.otofun.net/members/nhacaiuytinvision.857510/#about
Effective URL:
https://www.otofun.net/members/nhacaiuytinvision.857510/
Submission: On April 28 via manual (April 28th 2024, 12:23:24 am UTC) from VN — Scanned from IL

Summary HTTP 68 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 19 domains to perform 68 HTTP transactions. The main IP is 210.245.88.132, located in Hanoi, Viet Nam and belongs to FPT-AS-AP FPT Telecom Company, VN. The main domain is www.otofun.net. The Cisco Umbrella rank of the primary domain is 454777.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on September 26th 2023. Valid for: a year.

This is the only time www.otofun.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	210.245.88.132 210.245.88.132	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
4	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.173.210.195 18.173.210.195	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	74.125.71.157 74.125.71.157	15169 (GOOGLE) (GOOGLE)
1	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	3.248.140.97 3.248.140.97	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
68	26

24 210.245.88.132 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)
PTR: svr.otofun.net

www.otofun.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.210.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-210-195.fra56.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net

beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.140.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-140-97.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	otofun.net www.otofun.net — Cisco Umbrella Rank: 454777	854 KB
10	googlesyndication.com beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	280 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	195 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	299 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2676 google-bidout-d.openx.net — Cisco Umbrella Rank: 2648	528 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 145 www.google.com — Cisco Umbrella Rank: 2	307 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1152 bcp.crwdcntrl.net — Cisco Umbrella Rank: 974	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 18729 c.statcounter.com — Cisco Umbrella Rank: 11493	14 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 453
1	google.co.il www.google.co.il — Cisco Umbrella Rank: 27443	408 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3173	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2641	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 661	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2061	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1303	6 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	269 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 289	30 KB
68	19

	Domain	Requested by
24	www.otofun.net	www.otofun.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.otofun.net www.googletagservices.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	www.googletagmanager.com	www.otofun.net www.googletagmanager.com
2	oajs.openx.net	1 redirects www.otofun.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.otofun.net connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	gum.criteo.com	static.criteo.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	www.google.co.il	www.otofun.net
1	beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	www.facebook.com	www.otofun.net
1	www.statcounter.com	www.otofun.net
1	www.googletagservices.com	www.otofun.net
68	26

This site contains links to these domains. Also see Links.

Domain
xecuanam.vn
news.otofun.net
nhacaiuytin.vision
offcourse.co
www.iniuria.us
www.nintendo-master.com
wibki.com
dreevoo.com
www.fanart-central.net
www.allsquaregolf.com
blender.community
velopiter.spb.ru
willysforsale.com
connect.gt
www.metooo.io
test.sozapag.ru
forum.cncprovn.com
forum.liquidbounce.net

Subject Issuer	Validity	Valid
*.otofun.net RapidSSL TLS RSA CA G1	`2023-09-26` - `2024-10-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-05` - `2024-05-05`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-25` - `2024-07-19`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2024-04-20` - `2024-07-19`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.co.il GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.otofun.net/members/nhacaiuytinvision.857510/
Frame ID: 65B3EBACBE45A9D01AB5DBD3A445636E
Requests: 54 HTTP requests in this frame

Frame: https://www.otofun.net/styles/otofun/banner/xcn2024.jpg
Frame ID: 7FB0BAFEFE9783241B80F8C080EC2751
Requests: 1 HTTP requests in this frame

Frame: https://beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 955D7E4EF2FD5D0E98CE5B7387031F26
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuevfu_kW0n8emGVcr9hhPem4TO5AaGU41A_-Jj1NAelh6uyQ7ZmxMMJIczjlJl8ZboEqlopyU2IndhOOzDDZGlqb3mmNKKvOKX3qHFHC606BNWjRSIkziUYFWWDDRmqaaGieLy0NSeUgM4dGjXhiDhWQqP1gQ-f5Yd3-mziH82GnP8FbvHrxEzKKS7n7RXbqUtDr6BHJAHGKJtO6K-q0wc30cnUJk0UeYewaXQkypfo6MUflTBiG4oc8fM3pDYcWyNdrxLjL3xKFgLdYM9pl9ovLmeyadLAiWU4q_FADrmqEhItLpN-K8go_mtrWEfLSGKDmzYDvBkYRTG3vPhsDuEx7iVSXPc&sai=AMfl-YT6FdMmDF0_5iaOzfqNJQ8ZV8RAs0EoV9YbBAtFvuwdJZmfilEbm5HtVOZoprDsk5NCuloA4Q4LsWsMQfAt0FRAssGht5Iky5ypytuH8bzcj2yRZi4zo2BW3B8bXzkdOuvq4eEOegQN_2W2FIzaGOs&sig=Cg0ArKJSzMdqVszmomCiEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 12559B070FF93296A32C44B3CC879E87
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.otofun.net
Frame ID: 03DF9C86EC641BF923F2788E65634244
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 39A845CBAB57BD5D97AC5E22CC44B152
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB78487151E5CA7AB425E4CB4ED39BF5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F82E36DB5018DC136FC0C7EC4AF0ECC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nhacaiuytinvision | OTOFUN | CỘNG ĐỒNG OTO XE MÁY VIỆT NAM

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

26
Subdomains

26
IPs

6
Countries

1810 kB
Transfer

3967 kB
Size

22
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://xecuanam.vn/
Title: Otofun

Search URL Search Domain Scan URL

URL: https://news.otofun.net/
Title: OF News

Search URL Search Domain Scan URL

URL: https://nhacaiuytin.vision/
Title: https://nhacaiuytin.vision/

Search URL Search Domain Scan URL

URL: https://offcourse.co/users/profile/nhacaiuytinvision/
Title: https://offcourse.co/users/profile/nhacaiuytinvision/

Search URL Search Domain Scan URL

URL: https://www.iniuria.us/forum/member.php?430176-nhacaiuytinvision
Title: https://www.iniuria.us/forum/member.php?430176-nhacaiuytinvision

Search URL Search Domain Scan URL

URL: https://www.nintendo-master.com/profil/nhacaiuytinvision
Title: https://www.nintendo-master.com/profil/nhacaiuytinvision

Search URL Search Domain Scan URL

URL: https://wibki.com/nhacaiuytinvision
Title: https://wibki.com/nhacaiuytinvision

Search URL Search Domain Scan URL

URL: https://dreevoo.com/profile.php?pid=628754
Title: https://dreevoo.com/profile.php?pid=628754

Search URL Search Domain Scan URL

URL: http://www.fanart-central.net/user/nhacaiuytinvision/profile
Title: http://www.fanart-central.net/user/nhacaiuytinvision/profile

Search URL Search Domain Scan URL

URL: https://www.allsquaregolf.com/golf-users/nhacaiuytin-vision
Title: https://www.allsquaregolf.com/golf-users/nhacaiuytin-vision

Search URL Search Domain Scan URL

URL: https://blender.community/nhacaiuytinvision/
Title: https://blender.community/nhacaiuytinvision/

Search URL Search Domain Scan URL

URL: https://velopiter.spb.ru/profile/111127-nhacaiuytinvision/
Title: https://velopiter.spb.ru/profile/111127-nhacaiuytinvision/

Search URL Search Domain Scan URL

URL: https://willysforsale.com/profile/nhacaiuytinvision/
Title: https://willysforsale.com/profile/nhacaiuytinvision/

Search URL Search Domain Scan URL

URL: https://connect.gt/user/nhacaiuytinvision
Title: https://connect.gt/user/nhacaiuytinvision

Search URL Search Domain Scan URL

URL: https://www.metooo.io/u/nhacaiuytinvision
Title: https://www.metooo.io/u/nhacaiuytinvision

Search URL Search Domain Scan URL

URL: http://test.sozapag.ru/forum/user/234671/
Title: http://test.sozapag.ru/forum/user/234671/

Search URL Search Domain Scan URL

URL: http://forum.cncprovn.com/members/173768-nhacaiuytinvision
Title: http://forum.cncprovn.com/members/173768-nhacaiuytinvision

Search URL Search Domain Scan URL

URL: https://forum.liquidbounce.net/user/top10nhacai
Title: https://forum.liquidbounce.net/user/top10nhacai

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rid=esp&cc=1

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.otofun.net/members/nhacaiuytinvision.857510/ 42 KB
15 KB 1472ms
505ms Document
text/html 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache / PHP/7.2.31

Resource Hash

7b85352686ac920c44529a6d385afb3aab174ed65dcb799fae7e43e248f0aaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Age: 0
Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Length: 14453
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Apr 2024 00:23:16 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sun, 28 Apr 2024 00:23:16 GMT
Server: Apache
Vary: Accept-Encoding
Via: 1.1 varnish
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.31
X-Varnish: 1246860419
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fa-regular-400.woff2
www.otofun.net/styles/fonts/fa/ 149 KB
149 KB 1295ms
326ms Font
text/plain 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/styles/fonts/fa/fa-regular-400.woff2

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

a691a103318f7ba26d21ac2dfb49e3e3a60a033ab954e57c50536c08b0b11b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
Origin: https://www.otofun.net
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Via: 1.1 varnish
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "4c1cb4-25264-59bded1f395c0"
Transfer-Encoding: chunked
X-Varnish: 1246860455
Content-Type: text/plain; charset=UTF-8
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fa-solid-900.woff2
www.otofun.net/styles/fonts/fa/ 120 KB
120 KB 1560ms
591ms Font
text/plain 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/styles/fonts/fa/fa-solid-900.woff2

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

10d3ea0d46cd1a13f50ad64f579fb44049af584668fb7b52c877b8422aa0c86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
Origin: https://www.otofun.net
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Via: 1.1 varnish
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "4c1cb6-1e07c-59bded1f395c0"
Transfer-Encoding: chunked
X-Varnish: 1246860456
Content-Type: text/plain; charset=UTF-8
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fa-brands-400.woff2
www.otofun.net/styles/fonts/fa/ 73 KB
73 KB 1296ms
325ms Font
text/plain 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/styles/fonts/fa/fa-brands-400.woff2

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

393c9eb38094146703dab8a0b29e3ee6dc7f109d5aa5ada591080ddca7fb1f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
Origin: https://www.otofun.net
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Via: 1.1 varnish
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "4c1cae-123ac-59bded1f395c0"
Transfer-Encoding: chunked
X-Varnish: 1246860457
Content-Type: text/plain; charset=UTF-8
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK css.php
www.otofun.net/ 362 KB
77 KB 672ms
417ms Stylesheet
text/css 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1708417823&k=cb793c6fc31421153cc106ac10347ad05d71d5b5

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache / PHP/7.2.31

Resource Hash

9da6fd40d60a02853d877024dd7ca64a62890b7f65333b7e7acce000c3e20575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:16 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Powered-By: PHP/7.2.31
Content-Length: 78437
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 20 Feb 2024 08:30:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-Varnish: 1246860450
Cache-Control: public, max-age=31536000
Expires: Mon, 28 Apr 2025 00:23:16 GMT

GET
H/1.1 200
OK css.php
www.otofun.net/ 13 KB
4 KB 1311ms
377ms Stylesheet
text/css 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/css.php?css=public%3Amember.less%2Cpublic%3Anotices.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Aextra.less&s=6&l=2&d=1708417823&k=e97ded5df9666604147938214e55e86da8b851f1

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache / PHP/7.2.31

Resource Hash

b1954b2c88a8dd8eaf5a148c5ef4ff020f3088046b41df33fc4a4adcea14aea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Powered-By: PHP/7.2.31
Content-Length: 3997
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 20 Feb 2024 08:30:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-Varnish: 1246860454
Cache-Control: public, max-age=31536000
Expires: Mon, 28 Apr 2025 00:23:17 GMT

GET
H/1.1 200
OK preamble.min.js Show response
www.otofun.net/js/xf/ 3 KB
2 KB 1304ms
329ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/xf/preamble.min.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

1bde71f219a0dcdd26f62679238d666897284fe85a7292157cdab78b98488bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "56a5f4-cd0-59bded1f395c0"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860458
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 1624
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 379ms
124ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33744322-1

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5c41718d8dc62103483f895e8ef6cf310cf0bcea2227ac4c0f5236300eda59d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 96 KB
30 KB 382ms
125ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b9edf3eded539c9727660c0c3b073ee489484a921938b57ae87b06fc3646ae93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30686
x-xss-protection: 0
server: cafe
etag: 254 / 19841 / 31083154 / config-hash: 8127643254797218485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H/1.1 200
OK sabc2023.jpg
www.otofun.net/styles/otofun/banner/ 161 KB
161 KB 642ms
404ms Image
image/jpeg 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otofun.net/styles/otofun/banner/sabc2023.jpg

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

1afdbdf59f020161d976cac2051b53e4f9fb101f56d75947466a1241f0a33f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Nov 2023 06:41:45 GMT
Server: Apache
Age: 0
ETag: "8a0507-2835d-60b58f1fa3c40"
Content-Type: image/jpeg
X-Varnish: 1246860460
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 164701
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found banner.jpg
www.otofun.net/styles/default/ 223 B
223 B 328ms
328ms Image
text/html 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otofun.net/styles/default/banner.jpg

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

3c690adbe99cf2aec9d61f8fafdad3a60fca4816971a38b033a4529344a72fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Server: Apache
Age: 0
Vary: Accept-Encoding
X-Varnish: 1246860461
Content-Type: text/html; charset=iso-8859-1
Content-Length: 191
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 857510.jpg
www.otofun.net/data/avatars/l/857/ 5 KB
5 KB 316ms
314ms Image
image/jpeg 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otofun.net/data/avatars/l/857/857510.jpg?1713411152

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

715d0f297423b702eeefc041c7712d2f3cf439a28cff4a4aa38992d894066832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:17 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Apr 2024 03:32:33 GMT
Server: Apache
Age: 0
ETag: "7a0bb4-1417-616569f2da85b"
Content-Type: image/jpeg
X-Varnish: 1246860462
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 5143
X-XSS-Protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
30 KB 393ms
137ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9c5f96aaf1507dd3cf9d64b34011b84a78641d68615fafabdbcdaa36a2090978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30680
x-xss-protection: 0
server: cafe
etag: 779 / 19841 / m202404230101 / config-hash: 8127643254797218485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H/1.1 200
OK s1.png
www.otofun.net/styles/img/ 8 KB
8 KB 849ms
331ms Image
image/png 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otofun.net/styles/img/s1.png

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

73ac4db1759e2cac13b379179bc506011c0cfb63047d75bc1ff8a72bc20306bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Apr 2019 19:03:55 GMT
Server: Apache
Age: 0
ETag: "4c1cba-1ee3-587c40ffafcc0"
Content-Type: image/png
X-Varnish: 1246860481
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 7907
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
www.otofun.net/js/vendor/jquery/ 85 KB
30 KB 892ms
576ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/vendor/jquery/jquery-3.3.1.min.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "56a52d-1538f-59bded1f395c0"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860474
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 30307
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendor-compiled.js Show response
www.otofun.net/js/vendor/ 71 KB
22 KB 354ms
330ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/vendor/vendor-compiled.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

119706abf6f2628df34cc02ea9b4dad78e7276c36daca18c456aab958b3ad655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "56a4a4-11b76-59bded1f395c0"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860484
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 21739
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK core-compiled.js Show response
www.otofun.net/js/xf/ 250 KB
64 KB 418ms
353ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/xf/core-compiled.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

b8219c8fdb7ad7f8ab8783011317523c8dc768188b29ed2c4ae63bf754ea0c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Jul 2020 13:27:22 GMT
Server: Apache
Age: 0
ETag: "56a8fc-3e716-5aaf3954a4280"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860486
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 65349
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK inline_mod.min.js Show response
www.otofun.net/js/xf/ 6 KB
3 KB 315ms
315ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/xf/inline_mod.min.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

3a9935a8b51aa99d6b4cdbc7277bd3a1b65632ac0291adcfac9db2d31e040437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "56a5df-19de-59bded1f395c0"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860488
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 2370
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ajax-content.min.js Show response
www.otofun.net/js/extra/ 686 B
784 B 466ms
325ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/extra/ajax-content.min.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

bc3951c1fdf28a28e752e4cd704d287c82077914ce8571c7dddb40d6c46b9e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:19 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Jan 2020 14:56:29 GMT
Server: Apache
Age: 0
ETag: "4c1b6c-2ae-59c06ae25c140"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860495
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 357
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK core.min.js Show response
www.otofun.net/js/siropu/am/ 8 KB
3 KB 330ms
318ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/siropu/am/core.min.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

060de9b32d61b6641d2ed4b0567a7066a4db9ba181720399872508d1b8307eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:19 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 19:05:00 GMT
Server: Apache
Age: 0
ETag: "56a497-2124-59be1eb3acf00"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860497
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 2723
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK notice.min.js Show response
www.otofun.net/js/xf/ 4 KB
2 KB 440ms
325ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/xf/notice.min.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:19 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 15:23:11 GMT
Server: Apache
Age: 0
ETag: "56a5eb-101d-59bded1f395c0"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860499
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 1759
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK socialLoader.js Show response
www.otofun.net/js/ 704 B
811 B 319ms
315ms Script
text/javascript 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/js/socialLoader.js?_v=eb3130f3

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

082d3253a191f51e8e0264db150fbf99b0b3c8575318242656681a742831a729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:19 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sun, 12 Jan 2020 09:04:07 GMT
Server: Apache
Age: 0
ETag: "4c1b61-2c0-59beda4250fc0"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 1246860498
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 384
X-XSS-Protection: 1; mode=block

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 205ms
72ms Script
application/javascript 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 14:50:52 GMT
server: cloudflare
age: 7600
etag: W/"6626794c-8c64"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87b2e7213847e3cf-TLV
expires: Sun, 28 Apr 2024 10:16:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 365ms
112ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 00:23:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=12, mss=1380, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xwWNp1oai3Bp4fT68F82NO8oHc0l6x4YUqHM5uzYINkY9/uyLT8PLjBX4pGsGnt/joonXNXcpjDZ9h2Xf/ctbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 154 KB
58 KB 471ms
218ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SJ8TQC

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

303929c2017a54c7d4250402277286eb1fce4364f98522a301ad18ac323a7547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59035
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H/1.1 200
OK xcn2024.jpg Show response
www.otofun.net/styles/otofun/banner/ Frame 7FB0 108 KB
108 KB 909ms
595ms Document
image/jpeg 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/styles/otofun/banner/xcn2024.jpg

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

592379e14f085748bb75e3962a7b6b279df63aad0e60d1e79a3858018fc54f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=604800, public
Content-Length: 110111
Content-Type: image/jpeg
Date: Sun, 28 Apr 2024 00:23:18 GMT
ETag: "8a0415-1ae1f-612f94b7e77c0"
Last-Modified: Wed, 06 Mar 2024 07:56:23 GMT
Server: Apache
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Varnish: 1246860475
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bg.png
www.otofun.net/styles/otofun/images/ 1 KB
1 KB 785ms
318ms Image
image/png 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otofun.net/styles/otofun/images/bg.png

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1708417823&k=cb793c6fc31421153cc106ac10347ad05d71d5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

1aaf6b014a0a6ea80d0221dcdf2f840c764a6f8aefd3935240aed46c3348ee04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1708417823&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Jan 2020 18:37:48 GMT
Server: Apache
Age: 0
ETag: "8a0403-47e-59be189f47700"
Content-Type: image/png
X-Varnish: 1246860480
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 1150
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK navtab.png
www.otofun.net/styles/default/xenforo/ 155 B
528 B 1085ms
323ms Image
image/png 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otofun.net/styles/default/xenforo/navtab.png

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1708417823&k=cb793c6fc31421153cc106ac10347ad05d71d5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

de649b00ea18de36cb0ee3aa20484ac9bf0cd198254bb95cd9e93853fa91e16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=6&l=2&d=1708417823&k=cb793c6fc31421153cc106ac10347ad05d71d5b5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:18 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Apr 2019 19:05:18 GMT
Server: Apache
Age: 0
ETag: "86125a-9b-587c414ed7780"
Content-Type: image/png
X-Varnish: 1246860483
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 155
X-XSS-Protection: 1; mode=block

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/ 449 KB
140 KB 114ms
113ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

83f5282269ab1b6bbfac8a6af1a4996cc4473e647a88aaa2e67980bf89933cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Apr 2024 04:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72543
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143053
x-xss-protection: 0
server: cafe
etag: 9567458949288514437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 27 Apr 2025 04:14:15 GMT

GET
H2 200 1025289405302089 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 175ms
174ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1025289405302089?v=2.9.154&r=stable&domain=www.otofun.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

40bf6e62f1161ed718a9a93b9fb7ee615a83e6ad4f28b2447ea513ef1507c0cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 00:23:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=62, mss=1380, tbw=63212, tp=-1, tpl=-1, uplat=61, ullat=0
pragma: public
x-fb-debug: lyl2dj+zE1IOG1S2vm/c1KO9z7xgf2FAwrUAF5zZmjmc6CAQPhEn4el8diZZjN5GZ3s2Wre+HSlcMPMEOPwsPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 131ms
130ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33744322-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SJ8TQC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0180c3897c207cba47c04ad59be6e0a1c435b4fe0c4a7026cff0c8a01ee85211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
98 KB 131ms
131ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-REM18K04V3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33744322-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3b321cf3c9933051dacde243c3f0b411fa859f0b6ae0514cd3e5c60f6cb67ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 348ms
111ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33744322-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 27 Apr 2024 23:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2110
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 28 Apr 2024 01:48:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 330ms
108ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1025289405302089&ev=PageView&dl=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rl=&if=false&ts=1714263798513&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714263798511.817762187&ler=empty&cdl=API_unavailable&it=1714263798313&coo=false&rqm=GET

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1380, tbw=2761, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 00:23:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 202ms
66ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 595b6576e594c3553ce7a36527799e7e613828aa6b3e178831b087a8e6980412

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 17:01:57 GMT
server: cloudflare
age: 280028
etag: W/"65fb1685-3e0d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 87b2e7260ef5e3c7-TLV
expires: Wed, 01 May 2024 00:23:18 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 191ms
61ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Apr 2024 03:41:40 GMT
content-encoding: gzip
age: 160898
x-guploader-uploadid: ABPtcPoHvAQ58Sj70RNDAfU7dzofPnl6XidInAKwp0pG7leseyYhTQ4diAg04vaa2uqK9gZDmp4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 26 Apr 2025 03:41:40 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 425ms
173ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Apr 2024 12:20:57 GMT
server: nginx
etag: W/"661532a9-a5c1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Apr 2024 00:23:18 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 359ms
125ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Apr 2024 02:18:31 GMT
content-encoding: gzip
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79488
x-amz-server-side-encryption: AES256
etag: W/"21f8671135afbd2e874c42d3dc478afa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ImuQ95ZN_amALyHraC9L8n7zv3XbdDt1gkuKkKWtMZ144-vr3WEKww==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 269ms
139ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: e2fadaea88ed1ee506d9f6810b1a02a9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 356ms
111ms Script
text/javascript 18.173.210.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.210.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-210-195.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 27 Apr 2024 04:10:19 GMT
x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P12
Age: 72780
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: -mU7u-G7Ol18GoK8BScFLrhmzpBHG4Bh2Ylu7-q_KTwipyoATABFEw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
24 KB 153ms
153ms Fetch
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=542266526317769&correlator=2628847705846481&eid=31079956%2C31081517%2C31082701%2C31082777%2C31082858%2C31083106%2C31083154%2C95330636%2C31079525&output=ldjh&gdfp_req=1&vrg=202404240101&ptt=17&impl=fif&iu_parts=87177199%2Cbottom_2017&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250&ifi=1&didk=2040618602&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1714263798553&lmt=1714263796&adxs=310&adys=764&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&vis=1&psz=1130x250&msz=1130x250&fws=4&ohw=1600&ga_vid=1592852134.1714263799&ga_sid=1714263799&ga_hid=1661619499&ga_fc=false&dlt=1714263796471&idt=2051&adks=290005781&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

44ad12cfbd85a9c3ccc8cb6440b594a2185f625b8cad03693b4462c0285f760d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24744
x-xss-protection: 0
google-lineitem-id: 5782614211
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430133298
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 955D 0
0 389ms
122ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Apr 2024 00:23:18 GMT
expires: Mon, 28 Apr 2025 00:23:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 336ms
114ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-REM18K04V3&gtm=45je44o0v9102070077za200&_p=1714263797791&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1592852134.1714263799&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1714263798&sct=1&seg=0&dl=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F&dt=nhacaiuytinvision%20%7C%20OTOFUN%20%7C%20C%E1%BB%98NG%20%C4%90%E1%BB%92NG%20OTO%20XE%20M%C3%81Y%20VI%E1%BB%86T%20NAM&en=page_view&_fv=1&_ss=1&tfd=3605
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-REM18K04V3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 311ms
114ms Ping
text/plain 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-REM18K04V3&cid=1592852134.1714263799&gtm=45je44o0v9102070077za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-REM18K04V3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.71.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wn-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 357ms
119ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-REM18K04V3&cid=1592852134.1714263799&gtm=45je44o0v9102070077za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=934708599

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rid=esp&cc=1

85 B
203 B

214ms
213ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rid=esp&cc=1
Requested by: Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7611a6161106cc47eda32ab03c3ce1ec6c0e8e90dbd71aa4a7b50081084e442f

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:19 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-p3RjA/t9f+p4mzfUgtXzEbYHHXY"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.otofun.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 28 Apr 2024 00:23:19 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.otofun.net
location: /esp?url=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F%23about&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 119ms
118ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1661619499&t=pageview&_s=1&dl=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F&ul=he-il&de=UTF-8&dt=nhacaiuytinvision%20%7C%20OTOFUN%20%7C%20C%E1%BB%98NG%20%C4%90%E1%BB%92NG%20OTO%20XE%20M%C3%81Y%20VI%E1%BB%86T%20NAM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=903127252&gjid=1962237241&cid=1592852134.1714263799&tid=UA-33744322-1&_gid=1411859676.1714263799&_r=1&gtm=457e44o0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1029851092

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otofun.net/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1255 0
0 149ms
149ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuevfu_kW0n8emGVcr9hhPem4TO5AaGU41A_-Jj1NAelh6uyQ7ZmxMMJIczjlJl8ZboEqlopyU2IndhOOzDDZGlqb3mmNKKvOKX3qHFHC606BNWjRSIkziUYFWWDDRmqaaGieLy0NSeUgM4dGjXhiDhWQqP1gQ-f5Yd3-mziH82GnP8FbvHrxEzKKS7n7RXbqUtDr6BHJAHGKJtO6K-q0wc30cnUJk0UeYewaXQkypfo6MUflTBiG4oc8fM3pDYcWyNdrxLjL3xKFgLdYM9pl9ovLmeyadLAiWU4q_FADrmqEhItLpN-K8go_mtrWEfLSGKDmzYDvBkYRTG3vPhsDuEx7iVSXPc&sai=AMfl-YT6FdMmDF0_5iaOzfqNJQ8ZV8RAs0EoV9YbBAtFvuwdJZmfilEbm5HtVOZoprDsk5NCuloA4Q4LsWsMQfAt0FRAssGht5Iky5ypytuH8bzcj2yRZi4zo2BW3B8bXzkdOuvq4eEOegQN_2W2FIzaGOs&sig=Cg0ArKJSzMdqVszmomCiEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/members/nhacaiuytinvision.857510/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Apr 2024 00:23:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240424/r20110914/ Frame 1255 23 KB
9 KB 344ms
118ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240424/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Apr 2024 21:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 May 2024 21:19:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240424/r20110914/client/ Frame 1255 3 KB
2 KB 329ms
116ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240424/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Apr 2024 21:19:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 May 2024 21:19:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1255 214 KB
65 KB 341ms
113ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Apr 2024 23:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66271
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 00:55:11 GMT

GET
H2 200 7473727234690569947
tpc.googlesyndication.com/simgad/ Frame 1255 186 KB
187 KB 421ms
171ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7473727234690569947

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

394fd1bfe7ee789516a95ebda05a7d67fae187ec2e2cca5ad44f8411ba776865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sun, 27 Apr 2025 05:18:14 GMT
date: Sat, 27 Apr 2024 05:18:14 GMT
x-content-type-options: nosniff
age: 68705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190588
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 07:46:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 1255 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9e4978eebcc01d2fac3795c70169f1b1d24cb740b0be4295fb42fd5b84903f6

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 340ms
112ms XHR
text/plain 74.125.71.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33744322-1&cid=1592852134.1714263799&jid=903127252&gjid=1962237241&_gid=1411859676.1714263799&_u=YADAAUAAAAAAACAAI~&z=837898465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otofun.net/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 28 Apr 2024 00:23:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
612 B 408ms
133ms XHR
application/json 3.248.140.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.140.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-140-97.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6f350e8b0ddc9fd1e984318e71ab87c295ec4c55f21b9bc009d3e7a9d6297e2e

Request headers

Referer: https://www.otofun.net/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache
x-server: 10.45.2.208
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame 03DF 0
0 378ms
126ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.otofun.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Apr 2024 00:23:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 301445
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1255 0
0 377ms
148ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR-ZFXvE31Xf9n72VnEp0QNXEO4gZo_Oq62AlpuwVBSrDYCnxMOPTw0onbKqG98vQyvjRDdX9gT-f40is6fimf2KjBI7Bt6YnHxU2B96XwPmrgj24NBtAuy0db7pG2pDVcApssjJMqv3Ymqt6FmHx_tNFTYbjSzJv9fiqn1FhYGn6uIkBkOh3a2hKdpsmJ9a0REVPINffCHvqhwlG_8iSRurXLVJtRM8Hdrjdaw_ZN1SxT7LHNqLJ1-I3sRJb-L-5xor3V6wa2NBTP6Mjc5zGYVszQlw5Z8JQhLsAvQohIat2fzG-84Kt7fKY9xJWj6W_gf0ZzUaDgc_ZKTBVgRJzGA3r1dzOb8Eo&sai=AMfl-YSEttSvu5uFCkvUYqnFvtGo2xLQMwySvP1QYUsMkpfkxNiwGVN6PtjPxCYib23G2idKHxGae-uANFqoEjsLxJDmHer25Lw-InZLAvmwIwX_7LCWN4u5VPTn9CKmturp1NA0QQ8_BX0F4BMIS9TWNl0&sig=Cg0ArKJSzBwLpRXQosYKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Apr 2024 00:23:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1255 0
0 372ms
143ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 39A8 0
0 245ms
117ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sun, 28 Apr 2024 00:23:19 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
590 B 254ms
245ms XHR
application/json 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12831166&u1=ED68FA1F0BA74FB6B2BAA951714849C0&java=1&security=9d88f85a&sc_snum=1&sess=21e3ea&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.otofun.net/members/nhacaiuytinvision.857510/%23about&t=nhacaiuytinvision%20%7C%20OTOFUN%20%7C%20C%E1%BB%98NG%20%C4%90%E1%BB%92NG%20OTO%20XE%20M%C3%81Y%20VI%E1%BB%86T%20NAM&invisible=1&sc_rum_e_s=4408&sc_rum_e_e=4416&sc_rum_f_s=0&sc_rum_f_e=3019&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.otofun.net
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 87b2e72a8ff7e3cf-TLV
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK about Show response
www.otofun.net/members/nhacaiuytinvision.857510/ 5 KB
2 KB 470ms
470ms XHR
application/json 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/members/nhacaiuytinvision.857510/about?_xfRequestUri=%2Fmembers%2Fnhacaiuytinvision.857510%2F&_xfWithData=1&_xfToken=1714263796%2Ca5a9c4cd1c36b0b9cbef62c411457dff&_xfResponseType=json

Requested by

Host: www.otofun.net
URL: https://www.otofun.net/js/vendor/jquery/jquery-3.3.1.min.js?_v=eb3130f3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache / PHP/7.2.31

Resource Hash

3943c7e42a9929d23f9f81ee7c061eb9858369e3b491d3a4fead11ec40709825

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
X-Requested-With: XMLHttpRequest
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Via: 1.1 varnish
Age: 0
X-Powered-By: PHP/7.2.31
Content-Length: 1271
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 28 Apr 2024 00:23:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
X-Varnish: 1246860504
Cache-Control: private, no-cache, max-age=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 136ms
135ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

295b0d885666aeb5d15a17ec29d836613ed5f8344f3b51060fe797c38984d335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12112
x-xss-protection: 0

GET
H/1.1 200
OK favicon.ico
www.otofun.net/ 1 KB
2 KB 333ms
332ms Other
image/vnd.microsoft.icon 210.245.88.132
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otofun.net/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.245.88.132 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),

Reverse DNS

svr.otofun.net

Software

Apache /

Resource Hash

1602061cbf40d418c14b391c57497c26acb357faffa5578c518ead972b473dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/members/nhacaiuytinvision.857510/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Apr 2024 00:23:19 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 30 Jul 2019 09:14:13 GMT
Server: Apache
Age: 0
ETag: "4c023c-47e-58ee26e9ba340"
Content-Type: image/vnd.microsoft.icon
X-Varnish: 1246860513
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 1150
X-XSS-Protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 121ms
121ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Apr 2024 00:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 00:23:19 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB78 0
0 339ms
111ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
age: 5289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Apr 2024 22:55:11 GMT
expires: Sun, 27 Apr 2025 22:55:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 8F82 0
0 350ms
122ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fx8-GOl8VaJRuyn1mvfNLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Fx8-GOl8VaJRuyn1mvfNLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 Apr 2024 00:23:20 GMT
expires: Sun, 28 Apr 2024 00:23:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1255 42 B
64 B 147ms
147ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGJ-Sjef5jxV5XT8TuyW22tMXTktb07uFk0OY4ygyjz8a_j-pG3zDp3Z_Mw2Gndu2rdFGevYiF7xteTQXEIR6nROtf68jm5E6DNzJYy2eXQbv2GV163tIWlWf57UCT0xzYkJdKIBzVjN_ozXZMoaHT2ZGMUR328QJryQi6EQ&sig=Cg0ArKJSzNEpJ_C-aK1SEAE&id=lidar2&mcvt=1000&p=707,310,957,1290&mtos=543,1000,1000,1000,1000&tos=543,457,0,0,0&v=20240424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=290005781&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1019659900&rst=1714263798793&rpt=576&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 116ms
113ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-REM18K04V3&gtm=45je44o0v9102070077za200&_p=1714263797791&gcd=13l3l3l3l1&npa=0&dma=0&cid=1592852134.1714263799&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1714263798&sct=1&seg=0&dl=https%3A%2F%2Fwww.otofun.net%2Fmembers%2Fnhacaiuytinvision.857510%2F&dt=nhacaiuytinvision%20%7C%20OTOFUN%20%7C%20C%E1%BB%98NG%20%C4%90%E1%BB%92NG%20OTO%20XE%20M%C3%81Y%20VI%E1%BB%86T%20NAM&en=scroll&epn.percent_scrolled=90&_et=14&tfd=8620
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-REM18K04V3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://www.otofun.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 00:23:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otofun.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404240101&jk=542266526317769&bg=!zc6lzoHNAAYBeExMIXg7ADQBe5WfOK6niKmu8_Z6dxH8eaarlIDOsaCPfXNZ0hyuy0s1q8lffU_wP9u3UXXRJqYQOKUMAgAAAFVSAAAAAmgBB34ANcujBH-XiE0oJ2OAyPY60pUZqt9nhK8jeKNHw0fYN0yIL8t474vZsC0NEjBhQ41QfqaWUcj8CgA7bLmr-WGlzZq6F7HeV6XJB8PfFC2YVne95LpjyRMnvGepDRbzLhOgVBlA3pCZIO0Ulnm9n-3FX-MVeGiZAprtrPqKonJa_I-oSBYYtG7Xk4eHwBRO5PJkP3P_Ds8GiBgQKdVW4cEwNXj8iIl-g_KdJBDWE7dN3F7QT4VeZn8y7xTE1RssYuDLTXwwP8RcNm29b00NfwNAuJbGVY-tk-UXduRdqI93An62EZNPpvR7apxcNYJVvHIHgBRlSy7GNzfzujkbmVzWZT3dXNTX_0mkYocfb6FPo7RF1xKdw_v0HrQr5y8BB7E2Aop0QKplhM17zxqxfk0S-0o2qCeoyvDzk3lJtUsnLErXvjM2OIbFewpL2tPw7KMHtV7K7C2fOAq3eStCR2dsYtz2uc13vJc11LvLLEtNu6RwD19Rok84inooQiP4rmFbpiGqfOVOvRdcdPEqviHHzAkp0AZ5U9B51DODX6oD6nFbG1RZsbG6wmaByoq6EAkeDmZqy53pWz5cSlvrUvaPMlBqqU6-WUipIOd7zYyLj_p3LHBolHdI3nAYgUNklYi0s3vJALlKTQmDhFomXkV2tKV3oaXk0Anphpa7IO9fejtx5vTfxBPhJARXu6kZe7yl6FzkXqZcynTzn-EalP3cufOWl751AAO2K4v-FpE9R9omQEpxOadeoGDu-5klMsM0Y2MZfe_JOuFU6OvrVqndnSSX5P8AhXKCCR1wHXsvZQSIGR9eN2yTzNDwwR_JqVFlLSoaK57A7WwLVxCVTCyzq7Xzw_5iC-wryylrWu01Lcz44wnkS80s8HKAeywqRtWjmdeKVGa4zp8LUKTl5roQjhzDkURzsVkFMDPpMabYM-TQRetZFyRMYutJ0ljkZXQRQW4p6gYao1-wzXPDiD4oDfwn5ijJgjHboFDnoK6ZEOsymLmresV1MBzJoJ55m5PEf_c-7ni_xKBEQifJyPC9hMk

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.otofun.net/	1969-12-31 23:59:59	Name: xf_csrf Value: 3BvjrFBwtVrqCo7H
www.otofun.net/	1969-12-31 23:59:59	Name: SERVERID Value: s3
.otofun.net/	1970-01-20 22:20:39	Name: _fbp Value: fb.1.1714263798511.817762187
.otofun.net/	1970-01-21 05:47:03	Name: _ga_REM18K04V3 Value: GS1.1.1714263798.1.0.1714263798.60.0.0
.otofun.net/	1970-01-21 05:47:03	Name: _ga Value: GA1.2.1592852134.1714263799
.otofun.net/	1970-01-20 20:12:30	Name: _gid Value: GA1.2.1411859676.1714263799
.otofun.net/	1970-01-20 20:11:03	Name: _gat_gtag_UA_33744322_1 Value: 1
.otofun.net/	1970-01-21 05:32:39	Name: __gads Value: ID=4e72e1c79a719cab:T=1714263798:RT=1714263798:S=ALNI_MaA_00C2Mn-XFfWDAUClF7a_Ot7mA
.otofun.net/	1970-01-21 05:32:39	Name: __gpi Value: UID=00000e02b9144510:T=1714263798:RT=1714263798:S=ALNI_MbC6kwPYJWRCbQq-w2ZuQWpQ3RaEw
.otofun.net/	1970-01-21 00:30:15	Name: __eoi Value: ID=cb79278d4d274327:T=1714263798:RT=1714263798:S=AA-AfjbvFK-QwnFRGUz3T3m9wZyy
.otofun.net/	1970-01-20 20:11:03	Name: lotame_domain_check Value: otofun.net
.doubleclick.net/	1970-01-21 05:47:03	Name: IDE Value: AHWqTUlCegMYUR_csFcfVI4bmIqvS5p1lRsAR6UuyZPlj4O4dXQXhRR-W5Z5UZf-EEY
.openx.net/	1970-01-21 04:56:39	Name: i Value: 2792495c-b175-4e03-a929-dd793ce63356\|1714263799
.crwdcntrl.net/	1970-01-21 02:39:50	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-21 02:39:50	Name: _cc_id Value: a1969b37e9ea77412ecb646c6e838eb4
.criteo.com/	1970-01-21 05:32:39	Name: uid Value: 9d10019f-0321-48f6-93ab-b94c4f9733b8
.otofun.net/	1970-01-21 02:39:51	Name: _cc_id Value: a1969b37e9ea77412ecb646c6e838eb4
.otofun.net/	1970-01-20 20:12:30	Name: panoramaId_expiry Value: 1714350199267
.otofun.net/	1970-01-21 05:47:03	Name: sc_is_visitor_unique Value: rx12831166.1714263799.ED68FA1F0BA74FB6B2BAA951714849C0.1.1.1.1.1.1.1.1.1
.otofun.net/	1970-01-21 05:32:39	Name: cto_bundle Value: owI7kF9uOUYlMkIlMkZINldydCUyRkw2UzFtRHQyVEFFUjJ1aEdoRWYwQldiS1klMkZHMnJhdXhDWXhiVG5tazJkWXJ1VlN3Zm1OR1BTTTk5ZmtHRG5GMGRTNVQ4ZWRWVlVPcHY1N2hRRW9UbVB5cFFLcmtSMEtsNk5SOWF4OERWOVFaUWRDTktoUmJFYmdGOGxhTW1YblBUU1RIaiUyRjFzeUNRJTNEJTNE
.statcounter.com/	1970-01-21 05:47:03	Name: is_unique Value: sc12831166.1714263799.0
.statcounter.com/	1970-01-21 05:47:03	Name: is_visitor_unique Value: 1714263799548000930

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.otofun.net/styles/default/banner.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://connect.facebook.net/signals/config/1025289405302089?v=2.9.154&r=stable&domain=www.otofun.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.otofun.net/members/nhacaiuytinvision.857510/#about Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bcp.crwdcntrl.net
beea2752b34576169a7cd9196e7a8801.safeframe.googlesyndication.com
c.statcounter.com
cdn-ima.33across.com
cdn.prod.uidapi.com
connect.facebook.net
google-bidout-d.openx.net
gum.criteo.com
invstatic101.creativecdn.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.otofun.net
www.statcounter.com
pagead2.googlesyndication.com
104.18.35.167
104.20.95.138
142.250.185.130
142.250.185.66
142.250.186.161
142.250.186.163
142.250.186.68
157.240.253.1
157.240.253.35
172.217.16.129
172.217.16.200
172.217.18.14
178.250.1.11
178.250.1.3
18.173.210.195
210.245.88.132
216.239.32.181
216.58.212.162
3.248.140.97
34.102.146.192
34.120.135.53
34.96.70.87
35.244.159.8
65.9.66.97
74.125.71.157
0180c3897c207cba47c04ad59be6e0a1c435b4fe0c4a7026cff0c8a01ee85211
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
060de9b32d61b6641d2ed4b0567a7066a4db9ba181720399872508d1b8307eba
07c6e6a76275666257a3b3f654e9021a3c6f89090a5df2cf5fe5e9cb5709b92a
082d3253a191f51e8e0264db150fbf99b0b3c8575318242656681a742831a729
10d3ea0d46cd1a13f50ad64f579fb44049af584668fb7b52c877b8422aa0c86b
119706abf6f2628df34cc02ea9b4dad78e7276c36daca18c456aab958b3ad655
1602061cbf40d418c14b391c57497c26acb357faffa5578c518ead972b473dbc
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4
16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9
1aaf6b014a0a6ea80d0221dcdf2f840c764a6f8aefd3935240aed46c3348ee04
1afdbdf59f020161d976cac2051b53e4f9fb101f56d75947466a1241f0a33f27
1bde71f219a0dcdd26f62679238d666897284fe85a7292157cdab78b98488bb8
295b0d885666aeb5d15a17ec29d836613ed5f8344f3b51060fe797c38984d335
303929c2017a54c7d4250402277286eb1fce4364f98522a301ad18ac323a7547
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
393c9eb38094146703dab8a0b29e3ee6dc7f109d5aa5ada591080ddca7fb1f0e
3943c7e42a9929d23f9f81ee7c061eb9858369e3b491d3a4fead11ec40709825
394fd1bfe7ee789516a95ebda05a7d67fae187ec2e2cca5ad44f8411ba776865
3a9935a8b51aa99d6b4cdbc7277bd3a1b65632ac0291adcfac9db2d31e040437
3b321cf3c9933051dacde243c3f0b411fa859f0b6ae0514cd3e5c60f6cb67ca4
3c690adbe99cf2aec9d61f8fafdad3a60fca4816971a38b033a4529344a72fde
40bf6e62f1161ed718a9a93b9fb7ee615a83e6ad4f28b2447ea513ef1507c0cb
44ad12cfbd85a9c3ccc8cb6440b594a2185f625b8cad03693b4462c0285f760d
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
592379e14f085748bb75e3962a7b6b279df63aad0e60d1e79a3858018fc54f4d
595b6576e594c3553ce7a36527799e7e613828aa6b3e178831b087a8e6980412
5c41718d8dc62103483f895e8ef6cf310cf0bcea2227ac4c0f5236300eda59d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f350e8b0ddc9fd1e984318e71ab87c295ec4c55f21b9bc009d3e7a9d6297e2e
715d0f297423b702eeefc041c7712d2f3cf439a28cff4a4aa38992d894066832
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73ac4db1759e2cac13b379179bc506011c0cfb63047d75bc1ff8a72bc20306bd
7611a6161106cc47eda32ab03c3ce1ec6c0e8e90dbd71aa4a7b50081084e442f
7b85352686ac920c44529a6d385afb3aab174ed65dcb799fae7e43e248f0aaee
83f5282269ab1b6bbfac8a6af1a4996cc4473e647a88aaa2e67980bf89933cc6
9c5f96aaf1507dd3cf9d64b34011b84a78641d68615fafabdbcdaa36a2090978
9da6fd40d60a02853d877024dd7ca64a62890b7f65333b7e7acce000c3e20575
a691a103318f7ba26d21ac2dfb49e3e3a60a033ab954e57c50536c08b0b11b4e
b1954b2c88a8dd8eaf5a148c5ef4ff020f3088046b41df33fc4a4adcea14aea4
b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687
b8219c8fdb7ad7f8ab8783011317523c8dc768188b29ed2c4ae63bf754ea0c3d
b9e4978eebcc01d2fac3795c70169f1b1d24cb740b0be4295fb42fd5b84903f6
b9edf3eded539c9727660c0c3b073ee489484a921938b57ae87b06fc3646ae93
bc3951c1fdf28a28e752e4cd704d287c82077914ce8571c7dddb40d6c46b9e94
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de649b00ea18de36cb0ee3aa20484ac9bf0cd198254bb95cd9e93853fa91e16c
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

www.otofun.net Open in urlscan Pro 210.245.88.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

0 %IPv6

19 Domains

26 Subdomains

26 IPs

6 Countries

1810 kBTransfer

3967 kBSize

22 Cookies

18 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.otofun.net Open in urlscan Pro
210.245.88.132 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

26
Subdomains

26
IPs

6
Countries

1810 kB
Transfer

3967 kB
Size

22
Cookies

68 HTTP transactions
1 data transactions