raovat.4umer.com Open in urlscan Pro
94.23.76.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://raovat.4umer.com/t151645-topic
Submission: On October 02 via manual (October 2nd 2019, 12:12:56 am UTC) from VN

Summary HTTP 112 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 37 IPs in 9 countries across 31 domains to perform 112 HTTP transactions. The main IP is 94.23.76.111, located in Portugal and belongs to OVH, FR. The main domain is raovat.4umer.com.

This is the only time raovat.4umer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	94.23.76.111 94.23.76.111	16276 (OVH) (OVH)
1	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
11	2606:4700:e2:... 2606:4700:e2::ac40:8a18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681b:8ce7	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY - Fastly)
9	2606:4700:30:... 2606:4700:30::6812:3807	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::6818:797c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.33.43.150 178.33.43.150	16276 (OVH) (OVH)
1	198.13.34.38 198.13.34.38	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
10	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
12	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2.16.186.99 2.16.186.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	99.80.192.46 99.80.192.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 6	34.246.252.247 34.246.252.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:215... 2600:9000:2156:8800:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
2	2600:9000:215... 2600:9000:2156:9a00:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200d:a400:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
112	37

8 94.23.76.111 (Portugal) 1 redirects

ASN16276 (OVH, FR)

raovat.4umer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:e2::ac40:8a18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:8ce7 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

2img.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:30::6812:3807 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i97.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:797c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.33.43.150 (France)

ASN16276 (OVH, FR)

raovat.tuoitrevn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.13.34.38 (Heiwajima, Japan)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 198.13.34.38.vultr.com

www.nhakhoaava.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.99 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-99.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.192.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-192-46.eu-west-1.compute.amazonaws.com

b.a2gw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.252.247 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8800:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9a00:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:a400:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	251 KB
11	illiweb.com illiweb.com	43 KB
9	viglink.com 2 redirects cdn.viglink.com api.viglink.com	33 KB
9	googletagservices.com www.googletagservices.com	215 KB
9	servimg.com i.servimg.com i97.servimg.com	52 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	147 KB
8	4umer.com 1 redirects raovat.4umer.com	165 KB
5	google-analytics.com 1 redirects www.google-analytics.com	35 KB
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com beacon.s-onetag.com	22 KB
4	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	117 B
4	google.de www.google.de adservice.google.de	1 KB
4	imgur.com i.imgur.com	18 KB
3	a2gw.com b.a2gw.com
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	criteo.net static.criteo.net	28 KB
2	facebook.net connect.facebook.net	60 KB
2	taboola.com cdn.taboola.com	130 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	dmca.com images.dmca.com	4 KB
2	google.com 1 redirects www.google.com	751 B
1	lijit.com ce.lijit.com	532 B
1	facebook.com staticxx.facebook.com
1	nhakhoaava.vn www.nhakhoaava.vn	86 KB
1	tuoitrevn.net raovat.tuoitrevn.net	27 KB
1	criteo.com bidder.criteo.com	213 B
1	hitsk.in hitsk.in	1013 B
1	2img.net 2img.net	38 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	jquery.com code.jquery.com	32 KB
1	rawgit.com cdn.rawgit.com	7 KB
112	31

	Domain	Requested by
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net raovat.4umer.com
11	illiweb.com	raovat.4umer.com code.jquery.com
9	www.googletagservices.com	raovat.4umer.com securepubads.g.doubleclick.net
8	i.servimg.com	raovat.4umer.com
8	raovat.4umer.com	1 redirects raovat.4umer.com code.jquery.com
7	fonts.gstatic.com	raovat.4umer.com static.criteo.net
6	api.viglink.com	2 redirects cdn.viglink.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com raovat.4umer.com
4	i.imgur.com	raovat.4umer.com static.criteo.net
3	b.a2gw.com	securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	b.scorecardresearch.com	1 redirects cdn.taboola.com raovat.4umer.com
3	cdn.viglink.com	raovat.4umer.com
3	adservice.google.de	www.googletagservices.com
3	static.criteo.net	raovat.4umer.com
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	connect.facebook.net	raovat.4umer.com connect.facebook.net
2	cdn.taboola.com	raovat.4umer.com cdn.taboola.com
2	fonts.googleapis.com	raovat.4umer.com code.jquery.com
2	maxcdn.bootstrapcdn.com	raovat.4umer.com
2	images.dmca.com	raovat.4umer.com
2	www.google.com	1 redirects raovat.4umer.com
1	pagead2.googlesyndication.com
1	beacon.s-onetag.com	get.s-onetag.com
1	ce.lijit.com	raovat.4umer.com
1	get.s-onetag.com	raovat.4umer.com
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	raovat.4umer.com
1	stats.g.doubleclick.net	1 redirects
1	www.nhakhoaava.vn	raovat.4umer.com
1	raovat.tuoitrevn.net	raovat.4umer.com
1	i97.servimg.com	raovat.4umer.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	hitsk.in	raovat.4umer.com
1	2img.net	raovat.4umer.com
1	www.googletagmanager.com	raovat.4umer.com
1	code.jquery.com	raovat.4umer.com
1	cdn.rawgit.com	raovat.4umer.com
112	39

This site contains links to these domains. Also see Links.

Domain
www.forumotion.com
raovat.tuoitrevn.net
hocluat.vn
timthosuakhoa.com
www.nhadatdongnai.co
www.nhakhoaava.vn
goo.gl
thokhoahanoi.com
hutbephotvietnam.com
thosuacua.com
www.tuoitrevn.net
www.dmca.com
www.thoang.net
www.forumvi.com
help.forumotion.com

Subject Issuer	Validity	Valid
rawgit.com COMODO RSA Domain Validation Secure Server CA	`2018-12-29` - `2020-01-13`	a year	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2019-09-17` - `2020-09-16`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
2img.net CloudFlare Inc ECC CA-2	`2019-01-04` - `2020-01-04`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2019-09-18` - `2020-09-17`	a year	crt.sh
sni165043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-28` - `2020-04-05`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
nhakhoaava.vn COMODO RSA Domain Validation Secure Server CA	`2018-10-02` - `2020-10-01`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.a2gw.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://raovat.4umer.com/t151645-topic
Frame ID: B444E152946D0E47AF16D5E8A580C9A8
Requests: 80 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 71A44C6AD641116F4785A29AB6318107
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 324461838025FB723F9014AC48EFC1D2
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 09FEDC962A75DFC5EC89A90B23D1E2C6
Requests: 7 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 6BED4348469479DE9B3B540FA605CB76
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv839XU0AcZAndwpnfBvgysA9nhFDYANGuRLkuZZ_dX0OvbQb7B3LoHquthmQEN3nEGjryveKPyNSD4_0I3HBuGCAJ8ISrnttEGDGcV3LWurCSCmZ9nlAobJ0Ugmm8aDbB1WuLTtzU3rUUwN6HRhKN3wE3UnBA1liSxpEzJ39hbwRTne84-0Ao92M0ysE-T5HETMaJitylRIfPy9S57n1S6K09S9LIC8YG_qewK-61JGEUT4MpJErtyRS_V5cat4Qepbk2Eh74PSe8LxGCWCcQ&sai=AMfl-YSv31hk1B7BW3EtZpnVn-4WAVjlQka1QLIkJva9HfYXWDH5K3wcU3E9p9o3vnr9gdQa9IHZMe7g8m6niSutM1HzQqN0OmM1Fp1w0tZz&sig=Cg0ArKJSzMPW6D69PvpXEAE&urlfix=1&adurl=
Frame ID: 0C6A1EB429D88DE00272A9F5BE5C8B39
Requests: 3 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=275896255
Frame ID: AB20EC91512E98096006D66C87AC95CA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiR2jo_5IOSlexxb3kTp4oWMAr67tLQX7d-c80AyZ9XvplYXfg0I7rzi2KajjOI1Lafg0wRr-5S-_H9T_0mqGIshLMAChD_ttNMEh0tQmqUUiF1ovLIiJMbquWHudyq8kz6lu_xwvPOYiROYQDULzKmw79z0F83hjK0-avaXq84RaX05vahi7XsH4cp-fh2v10LSYrPK4nXTHMKLAQXp7LzlH6l-hong0TVvcNm9oTGr1vasBdXvqeHUOhoiP9NgXdgTs3TVsigwX3uh1D8A&sai=AMfl-YRYx0C5_c85yXaV8w1JMUzVkpT2d007Ie9u9ciQtf9M1iXoXxfijqEzz0Q1t2jYkEL-D7Kut0PjQYGGs46jvpByIBsxh-k-yrm0EWTX&sig=Cg0ArKJSzOTyw_jXqFW4EAE&urlfix=1&adurl=
Frame ID: 3A2D8A48E2ECAC5DC9E20F0154FDDC2B
Requests: 4 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=318513001
Frame ID: 83ED52B5C0A427E069FA0A6C38D8F41D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMUDF3gI9bx2QNchIZXerMEO6UcjeaUS1UWKbc5-iveD_1e6V6nUTfPoweUwo7Vu2oFy5eBcjGI6dNac0GDmYRspAjeUquh2YMdKdB2b90hVIIuETN0HsWkEnYIeJfpKIeFOz81r6NiWou-0GXltxkm7d0fVkGRglx9zVYEui6N3LVX4yek4bWesPr_QyOydc5LbePwfydMYpxjLBqvukdb4Ss8yDAKIH_gk17AqHa2VpZJeE1bM56LeYGtHMoRfpttnL0dd1v5LfJVsGhTnI&sai=AMfl-YTxN2XttYG8ado5G4IWDvqN-M_fgTOnWIdZX2Yb4ItRGUUxK4hP8iJ2Vsk1KOnfd7QhtF23x_3BZD-R1NY8u-2ZrLQWLIwlx4u4aqC9xQ&sig=Cg0ArKJSzH0Esd5JWIJbEAE&urlfix=1&adurl=
Frame ID: D354DE7CFEB0049AFE72AED4D724A9F3
Requests: 3 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=1103884918
Frame ID: F1E6F6FD2B5FDC5B3066240FC8710C59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

112
Requests

71 %
HTTPS

62 %
IPv6

31
Domains

39
Subdomains

37
IPs

9
Countries

1507 kB
Transfer

3768 kB
Size

11
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forumotion.com/

Search URL Search Domain Scan URL

URL: http://raovat.tuoitrevn.net/

Search URL Search Domain Scan URL

URL: https://hocluat.vn/
Title: Học luật trực tuyến

Search URL Search Domain Scan URL

URL: https://timthosuakhoa.com/
Title: Tìm Thợ Sửa Khóa

Search URL Search Domain Scan URL

URL: https://www.nhadatdongnai.co/

Search URL Search Domain Scan URL

URL: https://www.nhakhoaava.vn/nieng-rang-tra-gop-lai-suat-0/
Title: Niềng răng trả góp

Search URL Search Domain Scan URL

URL: http://goo.gl/9RaOAl

Search URL Search Domain Scan URL

URL: https://thokhoahanoi.com/
Title: Thợ mở khóa tại nhà 100k

Search URL Search Domain Scan URL

URL: https://hutbephotvietnam.com/
Title: Thuê Hút bể phốt Trọn gói

Search URL Search Domain Scan URL

URL: http://thosuacua.com/
Title: Thợ sửa cửa Phương Đông

Search URL Search Domain Scan URL

URL: https://hocluat.vn/danh-sach-cac-cong-ty-luat-van-phong-luat-su-tai-hai-duong/
Title: Văn phòng luật sư ở Hải Dương

Search URL Search Domain Scan URL

URL: https://hocluat.vn/danh-sach-cac-cong-ty-luat-van-phong-luat-su-tai-hai-phong/
Title: Văn phòng luật sư ở Hải Phòng

Search URL Search Domain Scan URL

URL: http://www.tuoitrevn.net/sitemap.xml
Title: XML Sitemaps Generator

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=1ac35e80-a59b-49c5-8442-8103d887d699&refurl=http://raovat.4umer.com/t151645-topic
Title:

Search URL Search Domain Scan URL

URL: http://www.tuoitrevn.net/
Title: Tuổi trẻ Việt Nam online

Search URL Search Domain Scan URL

URL: http://www.thoang.net/
Title: Thoang Net

Search URL Search Domain Scan URL

URL: http://www.forumvi.com/
Title: Free forum

Search URL Search Domain Scan URL

URL: https://www.forumvi.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

http://raovat.4umer.com/11971.js HTTP 301
http://raovat.4umer.com/11128.js

Request Chain 40

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 41

http://connect.facebook.net/vi_VN/sdk.js HTTP 307
https://connect.facebook.net/vi_VN/sdk.js

Request Chain 59

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=647693877&t=pageview&_s=1&dl=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&ul=en-us&de=UTF-8&dt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=902214181&gjid=55097632&cid=864735235.1569975158&tid=UA-144337024-1&_gid=264764531.1569975158&_r=1&gtm=2ou9p0&z=642130730 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_gid=264764531.1569975158&gjid=55097632&_v=j79&z=642130730 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_v=j79&z=642130730 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_v=j79&z=642130730&slf_rd=1&random=3999477167

Request Chain 60

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=841379990&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157796&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1082838738&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=841379990&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157796&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1082838738&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 61

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1808689970&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157798&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1808689970&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157798&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~

Request Chain 79

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1569975157950&ns_c=UTF-8&cv=3.1&c8=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&c7=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569975157950&ns_c=UTF-8&cv=3.1&c8=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&c7=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&c9=

Request Chain 105

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 106

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=5da85ca09631a4283cd35fb1f2b70b70

112 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request t151645-topic Show response
raovat.4umer.com/ 75 KB
22 KB 229ms
198ms Document
text/html 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

bb092cc53aa842d93f42f54f6129ca2d834e280e0a172bafc4ec13688a8d7d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Host: raovat.4umer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 02 Oct 2019 00:00:00 GMT
Last-Modified: Wed, 02 Oct 2019 00:12:37 GMT
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Access-Control-Allow-Origin: *
X-Cache-NE: MISS
Content-Encoding: gzip

GET
H/1.1 200
OK 2-ltr.css
raovat.4umer.com/ 198 KB
68 KB 158ms
107ms Stylesheet
text/css 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/2-ltr.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

031d5c793b10392a1e6e8d5ca80f0b6988bc773a1debb79d277ebed917e92cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Oct 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 68866
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4rv1.05.css
cdn.rawgit.com/tuoitrevn/forum/master/ 27 KB
7 KB 313ms
249ms Stylesheet
text/css 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/tuoitrevn/forum/master/4rv1.05.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

4895ea123004a86ed0195e733b973aac213b6ef43487b706a3cda470b32d2322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 51f2773daa4fc78d-AMS
x-cache: MISS
status: 200
vary: Accept-Encoding
rawgit-cache-status: HIT
content-type: text/css;charset=utf-8
server: NetDNA-cache/2.2
etag: W/"d43d62056039bd93b90a9be0ef012667ef89e91d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=86400
x-robots-tag: none
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 13ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-169d5"
Vary: Accept-Encoding
X-HW: 1569975157.dop001.fr8.t,1569975157.cds011.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32772

GET
H2 200 vi.js Show response
illiweb.com/rs3/51/frm/lang/ 70 KB
16 KB 67ms
17ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/lang/vi.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764676
cf-polished: origSize=71234
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Mon, 09 Sep 2019 08:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Thu, 01 Oct 2020 00:12:37 GMT
cache-control: public, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 51f2773d7a2edfeb-FRA
cf-bgj: minify

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 126ms
49ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9a064cb03f4d284288b7ac46e8a3b0b30492a89c4219d1f91de96b4ce224493e

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 16:58:46 GMT
server: nginx
etag: W/"5d8110c6-15d00"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 03 Oct 2019 00:12:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
27 KB 47ms
44ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2321a9b67cdba84c641ef6c4e52468e8d3494b5555b23593d44e6a3cb4d922c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27197
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/51/frm/jquery/cookie/ 1011 B
471 B 68ms
18ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764949
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51f2773d7a32dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 tooltipster.js Show response
illiweb.com/rs3/51/frm/mentions/ 17 KB
5 KB 63ms
12ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/mentions/tooltipster.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764948
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51f2773d7a33dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 init.js Show response
illiweb.com/rs3/51/frm/mentions/ 668 B
400 B 62ms
12ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/mentions/init.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f54301c324d81a1d069061f8932c853d1ac44fdc77298340743310ec32c4aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764948
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51f2773d7a34dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 FAToolbar.js Show response
illiweb.com/rs3/51/frm/jquery/toolbar/ 23 KB
5 KB 62ms
12ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/toolbar/FAToolbar.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764949
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51f2773d7a35dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 tooltipster.css
illiweb.com/rs3/51/frm/mentions/ 6 KB
1 KB 61ms
11ms Stylesheet
text/css 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/mentions/tooltipster.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764948
cf-polished: origSize=6667
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
expires: Thu, 01 Oct 2020 00:12:37 GMT
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 51f2773d7a2ddfeb-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 729 B
562 B 47ms
45ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 465
x-xss-protection: 1; mode=block
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H/1.1 200
OK / Show response
raovat.4umer.com/ 166 KB
35 KB 253ms
204ms Script
text/html 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

4329939a1e757492199e1f1c66634347d40a4c361816ca3eda194dbc31aba4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Oct 2019 00:12:37 GMT
Vary: User-Agent
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
X-Cache-NE: EXPIRED
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 0; mode=block
Expires: Wed, 02 Oct 2019 00:00:00 GMT

GET
H2 200 An5Xcra.png
2img.net/h/i.imgur.com/ 37 KB
38 KB 264ms
188ms Image
image/png 2606:4700:30::681b:8ce7
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2img.net/h/i.imgur.com/An5Xcra.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:8ce7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ccb56e3c58fce6511ad69d71f3a78357043b451270ee13643a32a118899c36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 38276
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Dec 2016 13:13:08 GMT
server: cloudflare
etag: "5867aee4-9584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 51f2773dae32cba4-VIE
expires: Sat, 29 Sep 2029 00:12:37 GMT

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
161 B 9ms
8ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19351818
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773d8a58dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 qMsm6Ul.gif
i.imgur.com/ 599 B
745 B 67ms
23ms Image
image/gif 151.101.12.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/qMsm6Ul.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 5b9015044ce252559ccbb0cd794d03c995a50f84884b2019293782fb7fe8874f

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
age: 12707546
x-cache: HIT, HIT
status: 200
content-length: 599
x-served-by: cache-bwi5134-BWI, cache-fra19131-FRA
last-modified: Tue, 10 Jan 2017 00:45:57 GMT
server: cat factory 1.0
x-timer: S1569975158.703911,VS0,VE1
etag: "52006aa92820afcff6d2236b88332f5c"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 icon_www.gif
illiweb.com/fa/subsilver/ 733 B
818 B 9ms
9ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/subsilver/icon_www.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02be12aef9119686fd59cb18175cb585e21e46a6aa5ec6b10074e6dd37476eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20053707
status: 200
content-length: 733
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773f5d9fdfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 default2.gif
illiweb.com/itest/ranks/default/ 1 KB
1 KB 9ms
8ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/itest/ranks/default/default2.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea9767f3e2c171b55a01fd5da2da5ce658ae3f4e3b6c49cee0659bb38237f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20448590
status: 200
content-length: 1176
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773f7dbbdfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 icon_n10.gif
i.servimg.com/u/f97/19/54/42/12/ 348 B
449 B 196ms
150ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/icon_n10.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84193816087e802c9209355842e4d99b9dc73cea9179921c8070da4dcc139b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 348
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 19:43:10 GMT
server: cloudflare
etag: "57e828ce-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf46cba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 page-w10.png
i.servimg.com/u/f18/15/64/85/86/ 618 B
1 KB 178ms
131ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f18/15/64/85/86/page-w10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da281a874974bf0c9518ccd03db9c96e1f69bfbb72ad62bee649c400d97e4899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 618
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Jun 2015 04:03:43 GMT
server: cloudflare
etag: "5580f19f-26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf47cba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 ti_xui11.png
i.servimg.com/u/f97/19/54/42/12/ 368 B
469 B 186ms
140ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/ti_xui11.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca20cfedac5fd9258f9f8355b713ae92a640b2ebdd2b048182e0b7eafa1a9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 368
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 13:00:59 GMT
server: cloudflare
etag: "57e7ca8b-170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf49cba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 award-10.png
i.servimg.com/u/f18/19/08/54/77/ 743 B
844 B 189ms
143ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f18/19/08/54/77/award-10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0035ed075d597ffa4dc9deb3f28776a1d13d337daa1f6be413f13cb51f7dd0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 743
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Jun 2015 03:46:13 GMT
server: cloudflare
etag: "5580ed85-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf4acba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 nameic12.gif
i.servimg.com/u/f97/19/54/42/12/ 428 B
537 B 181ms
135ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/nameic12.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90e83f9812d4235e44151847751420c1b53a05a31415446dd467c85720f6e143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 428
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 12:48:28 GMT
server: cloudflare
etag: "57e7c79c-1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf4bcba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 eiopMXR.gif
i.imgur.com/ 224 B
370 B 43ms
23ms Image
image/gif 151.101.12.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/eiopMXR.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 2c7a8b34d05698985a9c135034620a43a47bb11b9701867465b4909327f018a3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
age: 1960871
x-cache: HIT, HIT
status: 200
content-length: 224
x-served-by: cache-bwi5147-BWI, cache-fra19131-FRA
last-modified: Thu, 03 Sep 2015 04:53:14 GMT
server: cat factory 1.0
x-timer: S1569975158.703914,VS0,VE1
etag: "f302813cec860fbe4bf53bd77f9346d3"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 i_icon_gender_male.gif
hitsk.in/t/13/01/69/ 575 B
1013 B 169ms
133ms Image
image/gif 2606:4700:30::6818:797c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/13/01/69/i_icon_gender_male.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:797c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

235d503d44efda2814ec2bceae1626390f3c7c8b57bfec42531b927de266758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 575
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 16:39:19 GMT
server: cloudflare
etag: "4cc855b7-23f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fb8e5cbb4-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 nameic13.gif
i.servimg.com/u/f97/19/54/42/12/ 426 B
527 B 181ms
136ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/nameic13.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2a88a252ab5dce2170fff4889f744b5a4943b2863b220a96fec7aa9d0bae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 12:51:14 GMT
server: cloudflare
etag: "57e7c842-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf4ccba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 house-10.gif
i.servimg.com/u/f97/19/01/75/14/ 466 B
568 B 142ms
141ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/01/75/14/house-10.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5384a3023793ef64f078ec77235f40a8cb0fe8aa2dfd04fbbbbaf6e292da18c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 466
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 13:45:43 GMT
server: cloudflare
etag: "57e7d507-1d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf51cba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H/1.1 200
OK LrxEstU.png
i.imgur.com/ 9 KB
10 KB 46ms
31ms Image
image/png 151.101.12.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/LrxEstU.png
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 1925534e08e043e86174c5e2e2fa50889e6c773a82fa3ae83d3365a29e2b50c0

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Age: 2910802
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 9443
X-Served-By: cache-bwi5131-BWI, cache-fra19174-FRA
Last-Modified: Thu, 11 Oct 2018 03:48:47 GMT
Server: cat factory 1.0
X-Timer: S1569975158.706352,VS0,VE1
ETag: "f77356488f712a731fb0c3465f17b189"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H2 200 lky9lf10.jpg
i.servimg.com/u/f37/19/52/31/91/ 45 KB
45 KB 191ms
190ms Image
image/jpeg 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f37/19/52/31/91/lky9lf10.jpg

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ea9b0f35d57e898e1761b34d5b9d019df3201b0d027908cd02d0656c2960d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 45626
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Jan 2017 05:44:40 GMT
server: cloudflare
etag: "586f2ec8-b23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f2773fcf50cba8-VIE
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H/1.1 200
OK 21489.js Show response
raovat.4umer.com/ 16 KB
6 KB 73ms
73ms Script
application/x-javascript 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/21489.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

166361649cb058cd61e6f87d19a0b47a859deb79a17396c59d8dd9b1c661bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Jul 2017 17:28:09 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 6097
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dmca_protected_sml_120w.png
images.dmca.com/Badges/ 3 KB
4 KB 19ms
16ms Image
image/png 151.139.242.29
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.dmca.com/Badges/dmca_protected_sml_120w.png?ID=57b6ebc2-7a41-4eae-90fc-44e5f9c3d8d2
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / ASP.NET
Resource Hash: 10dfcb598d3dd6c0f995f34de110a0612d6e68ee3f9928bcbe1f348084f0d9bf

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Last-Modified: Tue, 04 May 2010 23:19:11 GMT
Server: NetDNA-cache/2.2
X-Powered-By: ASP.NET
ETag: "81a47634e0ebca1:0"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Link: <http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120w.png>; rel="canonical"
Content-Length: 3173
Expires: Fri, 01 Nov 2019 00:12:37 GMT

GET
H/1.1 200
OK DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
789 B 35ms
17ms Script
application/javascript 151.139.242.29
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:14:34 GMT
Server: NetDNA-cache/2.2
X-Powered-By: ASP.NET
ETag: "26b181f16d28d51:0"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
Content-Length: 280
Expires: Fri, 01 Nov 2019 00:12:25 GMT

GET
H/1.1

200
OK

11128.js Show response
raovat.4umer.com/
Redirect Chain

http://raovat.4umer.com/11971.js
http://raovat.4umer.com/11128.js

52 KB
14 KB

65ms
65ms

Script
application/x-javascript

94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/11128.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

0760bb6abffd75a3316d0416c3240161e058e1b9fb5a91db8966b5adf443112a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Aug 2019 16:28:48 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 13550
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: http://raovat.4umer.com/11128.js
Date: Wed, 02 Oct 2019 00:12:37 GMT
Cache-Control: max-age=315360000
Content-Length: 0
X-Cache-NE: EXPIRED
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 33735.js Show response
raovat.4umer.com/ 10 KB
4 KB 66ms
66ms Script
application/x-javascript 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/33735.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

f2b57c5797018dd0ef9c1c8386ef46d1d27c13ea0615617ffd6e7012074e6948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Apr 2019 12:52:15 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 3960
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 12ms
6ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:35:20 GMT
Connection: Keep-Alive
ETag: "1544639720"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 7050

GET
H2 200 css
fonts.googleapis.com/ 7 KB
737 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2c459af038b187354a6342ef343b41451f024d3791bb4456c68d998ed9027ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 02 Oct 2019 00:12:37 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 02 Oct 2019 00:12:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144337024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 151
date: Wed, 02 Oct 2019 00:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 02 Oct 2019 02:10:06 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forforumotion-vi/ 64 KB
18 KB 146ms
131ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5dcc348dfc17febe1b10d98e56cf012bd92b93de5a6656afdc42d930bec152b

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 2Y_0tvrDAUQulc1ZfCbDnf.r1p3Q0_S1
Content-Encoding: gzip
ETag: "4d46b8dbc941e3926b36b4719555efb3"
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 17616
x-amz-id-2: Q2CmlGU9Vbiw5fuUnvHMQZfw3nHSPk1IYTi4QBmL2UwJP9grb6CEXi8t4R3EVffd6yruYn6x5Bk=
X-Served-By: cache-fra19148-FRA
Last-Modified: Thu, 26 Sep 2019 08:16:12 GMT
Server: AmazonS3
X-Timer: S1569975158.755046,VS0,VE94
Date: Wed, 02 Oct 2019 00:12:37 GMT
Vary: Accept-Encoding
x-amz-request-id: DD2F15CCF4991699
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 37
X-Cache-Hits: 1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
213 B 62ms
48ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=73&profileId=206&cb=81460814858
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: http://raovat.4umer.com
date: Wed, 02 Oct 2019 00:12:37 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/ 262 KB
92 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Zy-zVXWdnDW6AUZkKlojAKGe/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 18:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Sep 2019 00:09:51 GMT
server: sffe
age: 712200
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94031
x-xss-protection: 0
expires: Tue, 22 Sep 2020 18:22:37 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3499
date: Tue, 01 Oct 2019 23:14:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Wed, 02 Oct 2019 01:14:18 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2

200

sdk.js Show response
connect.facebook.net/vi_VN/
Redirect Chain

http://connect.facebook.net/vi_VN/sdk.js
https://connect.facebook.net/vi_VN/sdk.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7d01bdeaddc4a197b7464fa3319ee6fd20ad425bb14ae321ebcf3b0726ea0408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vWH3Lo1F0HxExFp5muhEhQ==
status: 200
content-length: 1780
etag: "ef644c1b7241593cb090e8ab74793faa"
x-fb-debug: XbexA8oJwqjR1Q4mrEM5FdeT5hl3oY4mJYMKVm4iocf42jP/Der5st3Bktb8RzYmy0P7FYUtlL1LyW3n5WkVEA==
x-fb-trip-id: 420120009
x-fb-content-md5: 527acff91ae5726c4d01b2f28c2f2253
x-frame-options: DENY
date: Wed, 02 Oct 2019 00:12:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Oct 2019 00:23:34 GMT

Redirect headers

Location: https://connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason: HSTS

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 14:56:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3316543
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Sun, 23 Aug 2020 14:56:54 GMT

GET
H2 200 jOYlpgu.gif
i.imgur.com/ 7 KB
7 KB 27ms
23ms Image
image/gif 151.101.12.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/jOYlpgu.gif
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: b844a2bb8061f0b3382e300f63fb07d62a08cca0d9eceb0c995ddc2b118fc062

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
age: 317558
x-cache: HIT, HIT
status: 200
content-length: 6742
x-served-by: cache-bwi5141-BWI, cache-fra19131-FRA
last-modified: Sun, 18 Dec 2016 03:25:11 GMT
server: cat factory 1.0
x-timer: S1569975158.703908,VS0,VE1
etag: "cd76b72c9113ceddde33e39a44af1fa4"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 12:03:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2549361
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7924
x-xss-protection: 0
expires: Tue, 01 Sep 2020 12:03:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 15:12:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:46 GMT
server: sffe
age: 3142836
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8024
x-xss-protection: 0
expires: Tue, 25 Aug 2020 15:12:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 18:28:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2526270
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Tue, 01 Sep 2020 18:28:07 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 62ms
48ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 26 Sep 2020 00:12:37 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 62ms
48ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 26 Sep 2020 00:12:37 GMT

GET
H/1.1 200
OK logos12.png
i97.servimg.com/u/f97/18/91/53/88/ 2 KB
3 KB 112ms
86ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i97.servimg.com/u/f97/18/91/53/88/logos12.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6d42f3670bd140d05899fd0bc6161882da3f9fb4173f241148836279fa5477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 2148
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 28 Sep 2016 12:33:52 GMT
Server: cloudflare
ETag: "57ebb8b0-864"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 51f2773fc8dbcba4-VIE
Expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 12ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://raovat.4umer.com

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:36:18 GMT
Connection: Keep-Alive
ETag: "1544639778"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff2
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 77171

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 17:17:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 111322
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0
expires: Tue, 29 Sep 2020 17:17:15 GMT

GET
H/1.1 200
OK avatar10.png
raovat.tuoitrevn.net/users/3517/21/16/80/avatars/gallery/ 26 KB
27 KB 1114ms
95ms Image
image/png 178.33.43.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://raovat.tuoitrevn.net/users/3517/21/16/80/avatars/gallery/avatar10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

HTTP/1.1

Server

178.33.43.150 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

690a9c5e2ba9f5cfb4bb225bf84b658d899b75825472da0851845edb636463dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 02 Jan 2017 05:24:04 GMT
ETag: "5869e3f4-692c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 26924
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 23:26:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:45 GMT
server: sffe
age: 89192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3384
x-xss-protection: 0
expires: Tue, 29 Sep 2020 23:26:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 3 KB
3 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 10:07:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 3161132
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3352
x-xss-protection: 0
expires: Tue, 25 Aug 2020 10:07:05 GMT

GET
H2 200 nieng-rang-moc-chen-chuc.jpg
www.nhakhoaava.vn/wp-content/uploads/2019/04/ 86 KB
86 KB 796ms
256ms Image
image/jpeg 198.13.34.38
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nhakhoaava.vn/wp-content/uploads/2019/04/nieng-rang-moc-chen-chuc.jpg
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.13.34.38 Heiwajima, Japan, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 198.13.34.38.vultr.com
Software: Nginx / VPSSIM
Resource Hash: 9fc64234adef2ec886ef2f655f20ee3c67efc568b0f47b1137e26681ef986d02

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
last-modified: Sat, 27 Apr 2019 06:22:19 GMT
server: Nginx
x-powered-by: VPSSIM
etag: "5cc3f51b-15641"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 87617
expires: Fri, 01 Nov 2019 00:12:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 71A4 44 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

02f7429e1f922775f825814370ddc033dba875ce2318b4ba11463d60bcc853f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "296 / 544 of 1000 / last-modified: 1569872947"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14275
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3244 44 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd1acd345a275a4bac18996c4de2352999db69b6a14a24bdda89af0e7c4ce3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "296 / 298 of 1000 / last-modified: 1569872919"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14275
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 09FE 44 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd1acd345a275a4bac18996c4de2352999db69b6a14a24bdda89af0e7c4ce3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "296 / 600 of 1000 / last-modified: 1569872919"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14275
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=647693877&t=pageview&_s=1&dl=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&ul=en-us&de=UTF-8&dt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_gid=264764531.1569975158&gjid=55097632&_v=j79&z=642130730
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_v=j79&z=642130730
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_v=j79&z=642130730&slf_rd=1&random=3999477167

42 B
109 B

39ms
17ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_v=j79&z=642130730&slf_rd=1&random=3999477167

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144337024-1&cid=864735235.1569975158&jid=902214181&_v=j79&z=642130730&slf_rd=1&random=3999477167
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=841379990&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=841379990&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E...

35 B
111 B

13ms
13ms

Image
image/gif

2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=841379990&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157796&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1082838738&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=841379990&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157796&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1082838738&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1808689970&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1808689970&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1...

35 B
108 B

6ms
6ms

Image
image/gif

2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1808689970&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157798&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Sep 2019 18:37:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 106501
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1808689970&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&utmhid=647693877&utmr=-&utmp=%2Ft151645-topic&utmht=1569975157798&utmac=UA-87786621-1&utmcc=__utma%3D84484378.864735235.1569975158.1569975158.1569975158.1%3B%2B__utmz%3D84484378.1569975158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 195 KB
58 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=0af0fe263f73a2c76f34e614c829f3fe&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f1ec3e538f687c5ea7065b9a3be9c91ec6f78e10dc99e269254548c22d23a699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t151645-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: o6NTuCIr+AceGu0siQa5cg==
status: 200
content-length: 59119
etag: "15c2a4e15f6760a69f55f4f0c90cff6f"
x-fb-debug: +hYjfhxO8/bH01Mzk9uCqlsSRHuAOHI7shXJADtBBrJd45x42pDOKnrPHct/ptv3SxhW+z3FbfcPdE8IZnlYQQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 6447a4a9dd4b5474b307a6a103f7ce75
x-frame-options: DENY
date: Wed, 02 Oct 2019 00:12:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 30 Sep 2020 19:18:12 GMT

GET
H2 200 pubads_impl_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 71A4 158 KB
58 KB 124ms
73ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js?21064698

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59149
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 71A4 113 B
598 B 28ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_modern_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3244 145 KB
56 KB 101ms
55ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019092602.js?21064579

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

831d19d3c80ca082ccf9394743c71280aa5a2b7c40b8176382eb1ce20ad06ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56843
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 3244 113 B
175 B 23ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK h5- Show response
raovat.4umer.com/ 53 KB
16 KB 150ms
150ms XHR
text/html 94.23.76.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/h5-?_=1569975157642

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

HTTP/1.1

Server

94.23.76.111 , Portugal, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

811d82c552e689c78fe3aa0c272ce60168ff969fbf23c7b7249ce8eefe5971e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://raovat.4umer.com/t151645-topic
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Oct 2019 00:12:37 GMT
Vary: User-Agent
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-Cache-NE: MISS
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 0; mode=block
Expires: Wed, 02 Oct 2019 00:00:00 GMT

GET
H2 200 pubads_impl_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 09FE 158 KB
58 KB 139ms
97ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59149
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 09FE 113 B
175 B 19ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Oct 2019 00:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 33ms
20ms Script
text/javascript 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1313826
CF-RAY: 51f2774088e2cbc4-VIE
Connection: keep-alive
Content-Length: 27719
x-amz-id-2: GUMVId8hJNJ2q62EPig17g1egW/ThBglsGIDzrY2oWrXkfF4pAlhmMtC9+MxlzUS/LOg0+Koy7s=
Last-Modified: Mon, 16 Sep 2019 19:15:01 GMT
Server: cloudflare
ETag: "1545d811432c0074356408ee8f6c1e23"
Vary: Accept-Encoding
x-amz-request-id: AD7180B7B2CDBE1C
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Wed, 02 Oct 2019 00:42:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
882 B 30ms
17ms Font
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t151645-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 02 Oct 2019 00:12:37 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 02 Oct 2019 00:12:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:37 GMT

GET
H2 200 toolbar.png
illiweb.com/fa/i/toolbar/ 11 KB
11 KB 31ms
29ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/i/toolbar/toolbar.png

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19603015
status: 200
content-length: 11066
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:44 GMT
server: cloudflare
etag: "57398624-2b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f277409fa7dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 pa0.png
illiweb.com/fa/i/toolbar/ 1 KB
1 KB 31ms
30ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/i/toolbar/pa0.png

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/2-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19321391
status: 200
content-length: 1087
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:43 GMT
server: cloudflare
etag: "57398623-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51f277409fa9dfeb-FRA
expires: Thu, 01 Oct 2020 00:12:37 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 6BED 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=0af0fe263f73a2c76f34e614c829f3fe&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://raovat.4umer.com/t151645-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t151645-topic

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Wed, 30 Sep 2020 19:31:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: yDe5jCMk6uVnJ+w6gliW6dBD27yCrxDtTXEzjT2+LE1RzbxoT6X7dZUu4Mc+azTxBnJCICNwP5GE1f4iKE7bdQ==
content-length: 11822
x-fb-trip-id: 420120009
date: Wed, 02 Oct 2019 00:12:37 GMT

GET
H/1.1 200
OK impl.20190925-18-RELEASE.js Show response
cdn.taboola.com/libtrc/ 394 KB
112 KB 25ms
25ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20190925-18-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63f4f82cf06f230550429133b1cdc57ece980f534134bc947aabbdedb58fb612

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: SiLG3pEQU6AY0ArwqwI0wvQeEAy0aIWv
Content-Encoding: gzip
ETag: "0c930f5c532c1b3d0170c86cf0775ece"
Age: 20
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 113920
x-amz-id-2: 8TAuLAVgn4j0J+q7BEok4hzzZkA8exiistNEZfnTnndqBE3NhMCUAHlfZm7BWdOi3SZhm7FR0uY=
X-Served-By: cache-fra19148-FRA
Last-Modified: Wed, 25 Sep 2019 16:15:26 GMT
Server: AmazonS3
X-Timer: S1569975158.909142,VS0,VE0
Date: Wed, 02 Oct 2019 00:12:37 GMT
Vary: Accept-Encoding
x-amz-request-id: A6C4D2BAEA18070E
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 48
X-Cache-Hits: 11

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 52ms
37ms Script
application/x-javascript 2.16.186.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-99.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Thu, 03 Oct 2019 00:12:37 GMT

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 20ms
19ms Image
image/gif 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.293507087722097
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 12
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51f27740e953cbc4-VIE
x-amz-request-id: BCF6197221BF5488
x-amz-id-2: HrrKeHwcpae7WIw2OrZ71qNBKOTtGe87zi7c46ReqYsyaDilbmLNVsrHM//KTvEu+OHWwIYX9P0=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 38ms
26ms Image
image/gif 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.293507087722097
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:37 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 12
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 51f277410c865a06-VIE
x-amz-request-id: BCF6197221BF5488
x-amz-id-2: HrrKeHwcpae7WIw2OrZ71qNBKOTtGe87zi7c46ReqYsyaDilbmLNVsrHM//KTvEu+OHWwIYX9P0=

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1569975157950&ns_c=UTF-8&cv=3.1&c8=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569975157950&ns_c=UTF-8&cv=3.1&c8=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1...

0
248 B

27ms
27ms

Image
text/plain

2.16.186.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569975157950&ns_c=UTF-8&cv=3.1&c8=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&c7=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&c9=
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2.16.186.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-99.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569975157950&ns_c=UTF-8&cv=3.1&c8=Ni%E1%BB%81ng%20r%C4%83ng%20tr%E1%BA%A3%20g%C3%B3p%20l%C3%A3i%20su%E1%BA%A5t%200%25%20t%E1%BA%A1i%20TpHCM&c7=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&c9=
Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3244 4 KB
2 KB 147ms
147ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1849247162371521&correlator=3994953982290940&output=ldjh&impl=fif&eid=21064579%2C21063202%2C21064581%2C21064592&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191002&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1569975158&dt=1569975158073&dlt=1569975157759&idt=285&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=461&ady=1953&adk=3480591353&uci=xkljkgyqvqo2&ifi=1&ifk=3672323146&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=864735235.1569975158&ga_sid=1569975158&ga_hid=963455268&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019092602.js?21064579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f6f0736f1f421aab99f9eb3920f692dfe595183dd40717646aa3093888c55d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2006
x-xss-protection: 0
google-lineitem-id: 227267817
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 107686126137
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_modern_rendering_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3244 59 KB
23 KB 54ms
54ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019092602.js?21064579

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019092602.js?21064579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

ede50408d9975eb59f99b6525984e2c1cf091977e1bbc37d49a1aee6e75bcc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23878
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 3244 0
0 17ms
5ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019092602.js?21064579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 71A4 4 KB
2 KB 158ms
158ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3050546998756782&correlator=3053342742517193&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064698%2C21062453&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191002&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie_enabled=1&bc=23&abxe=1&lmt=1569975158&dt=1569975158094&dlt=1569975157756&idt=329&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=262&adk=442451065&uci=suggzpua1hph&ifi=1&ifk=934523795&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=864735235.1569975158&ga_sid=1569975158&ga_hid=441280182&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js?21064698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

6467ef7c6f800ba0be91edfecdbfd7b34d76b0af760878606cb49f8da3bd139c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1988
x-xss-protection: 0
google-lineitem-id: 227269977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 80630180577
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 71A4 63 KB
24 KB 66ms
65ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js?21064698

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js?21064698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24721
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 71A4 0
0 5ms
5ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js?21064698
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 09FE 4 KB
2 KB 148ms
148ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3233515743462001&correlator=703504070982845&output=ldjh&impl=fif&eid=21062421%2C21063637%2C21064550%2C21064569%2C21064592%2C21064687&vrg=2019092602&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20191002&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1569975158&dt=1569975158121&dlt=1569975157762&idt=350&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=825&ady=1953&adk=3480591353&uci=j3iqe3vqeud0&ifi=1&ifk=3672323146&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=864735235.1569975158&ga_sid=1569975158&ga_hid=1463571959&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

50fc7c8cd3a5483fddcd12cd8f5e15f704d5e4e8f147ee2ab2f931791bf208b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2030
x-xss-protection: 0
google-lineitem-id: 227267817
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 107686126137
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019092602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 09FE 63 KB
24 KB 60ms
60ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 18:43:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24721
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 09FE 0
0 5ms
5ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 0C6A 0
273 B 32ms
32ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv839XU0AcZAndwpnfBvgysA9nhFDYANGuRLkuZZ_dX0OvbQb7B3LoHquthmQEN3nEGjryveKPyNSD4_0I3HBuGCAJ8ISrnttEGDGcV3LWurCSCmZ9nlAobJ0Ugmm8aDbB1WuLTtzU3rUUwN6HRhKN3wE3UnBA1liSxpEzJ39hbwRTne84-0Ao92M0ysE-T5HETMaJitylRIfPy9S57n1S6K09S9LIC8YG_qewK-61JGEUT4MpJErtyRS_V5cat4Qepbk2Eh74PSe8LxGCWCcQ&sai=AMfl-YSv31hk1B7BW3EtZpnVn-4WAVjlQka1QLIkJva9HfYXWDH5K3wcU3E9p9o3vnr9gdQa9IHZMe7g8m6niSutM1HzQqN0OmM1Fp1w0tZz&sig=Cg0ArKJSzMPW6D69PvpXEAE&urlfix=1&adurl=

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Oct 2019 00:12:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame AB20 0
0 184ms
37ms Document
text/html 99.80.192.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=275896255
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019092602.js?21064579
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.192.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-192-46.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://raovat.4umer.com/t151645-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t151645-topic

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Oct 2019 00:12:38 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 277
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C6A 78 KB
29 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019092602.js?21064579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f224a13a15499778526423761125cbae8b8063bf0f90a46862671e17ccc9e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3244 77 KB
29 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019092602.js?21064579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a7708a738c64bd02df7ae231ab503159ab3336fa03de1853675631309ec07ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 3A2D 0
57 B 31ms
30ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiR2jo_5IOSlexxb3kTp4oWMAr67tLQX7d-c80AyZ9XvplYXfg0I7rzi2KajjOI1Lafg0wRr-5S-_H9T_0mqGIshLMAChD_ttNMEh0tQmqUUiF1ovLIiJMbquWHudyq8kz6lu_xwvPOYiROYQDULzKmw79z0F83hjK0-avaXq84RaX05vahi7XsH4cp-fh2v10LSYrPK4nXTHMKLAQXp7LzlH6l-hong0TVvcNm9oTGr1vasBdXvqeHUOhoiP9NgXdgTs3TVsigwX3uh1D8A&sai=AMfl-YRYx0C5_c85yXaV8w1JMUzVkpT2d007Ie9u9ciQtf9M1iXoXxfijqEzz0Q1t2jYkEL-D7Kut0PjQYGGs46jvpByIBsxh-k-yrm0EWTX&sig=Cg0ArKJSzOTyw_jXqFW4EAE&urlfix=1&adurl=

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Oct 2019 00:12:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame 83ED 0
0 173ms
39ms Document
text/html 99.80.192.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=318513001
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js?21064698
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.192.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-192-46.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://raovat.4umer.com/t151645-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t151645-topic

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Oct 2019 00:12:38 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 282
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A2D 78 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js?21064698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f224a13a15499778526423761125cbae8b8063bf0f90a46862671e17ccc9e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71A4 77 KB
29 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js?21064698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a7708a738c64bd02df7ae231ab503159ab3336fa03de1853675631309ec07ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame D354 0
255 B 31ms
31ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMUDF3gI9bx2QNchIZXerMEO6UcjeaUS1UWKbc5-iveD_1e6V6nUTfPoweUwo7Vu2oFy5eBcjGI6dNac0GDmYRspAjeUquh2YMdKdB2b90hVIIuETN0HsWkEnYIeJfpKIeFOz81r6NiWou-0GXltxkm7d0fVkGRglx9zVYEui6N3LVX4yek4bWesPr_QyOydc5LbePwfydMYpxjLBqvukdb4Ss8yDAKIH_gk17AqHa2VpZJeE1bM56LeYGtHMoRfpttnL0dd1v5LfJVsGhTnI&sai=AMfl-YTxN2XttYG8ado5G4IWDvqN-M_fgTOnWIdZX2Yb4ItRGUUxK4hP8iJ2Vsk1KOnfd7QhtF23x_3BZD-R1NY8u-2ZrLQWLIwlx4u4aqC9xQ&sig=Cg0ArKJSzH0Esd5JWIJbEAE&urlfix=1&adurl=

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Oct 2019 00:12:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame F1E6 0
0 159ms
40ms Document
text/html 99.80.192.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=1103884918
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.192.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-192-46.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://raovat.4umer.com/t151645-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://raovat.4umer.com/t151645-topic

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Oct 2019 00:12:38 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 278
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D354 78 KB
29 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5f224a13a15499778526423761125cbae8b8063bf0f90a46862671e17ccc9e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09FE 77 KB
29 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019092602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a7708a738c64bd02df7ae231ab503159ab3336fa03de1853675631309ec07ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 02 Oct 2019 00:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1569842443931303"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
expires: Wed, 02 Oct 2019 00:12:38 GMT

GET
DATA 200
OK truncated
/ Frame 3A2D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30e29b659f8e2954bbaa36e307eb9664c15389c5def1699380c421d1e2057ed

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0C6A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dfae39ef39c719aa2b6a01ad6b46d8d28f080bd935a7a0b2cdebd41dec451e9

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D354 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc51db94b970a9bb97b2da239f55a65b05bc6b1c70bc39aee12cd8f835d83f8e

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 340 B
1022 B 85ms
71ms XHR
text/javascript 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1c63d48288b2612df258f324ae406609042abf0fde2ac3a15d6b20d70b02a377

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 340
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tag.min.js Show response
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

43 KB
14 KB

13ms
6ms

Script
text/javascript

2600:9000:2156:8800:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 2600:9000:2156:8800:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 06 Sep 2019 22:23:21 GMT
Server: AmazonS3
Age: 2056
Date: Tue, 01 Oct 2019 23:38:23 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: gTJe_ZQ64MmrqjG1zeqyaFLzx8EvKz1Vnh3rjIlda7Liy2hKdhqjKw==

Redirect headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
http://ce.lijit.com/merge?pid=8008&3pid=5da85ca09631a4283cd35fb1f2b70b70

0
532 B

34ms
19ms

Image
text/html

72.251.249.9
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ce.lijit.com/merge?pid=8008&3pid=5da85ca09631a4283cd35fb1f2b70b70
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t151645-topic
Protocol: HTTP/1.1
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap3ams1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://ce.lijit.com/merge?pid=8008&3pid=5da85ca09631a4283cd35fb1f2b70b70
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 55 B
502 B 78ms
67ms XHR
text/javascript 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0d1f196a97c5d36208bb3c0bbddcd989f859e5c344728dbb44b6b6696f6105cf

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 55
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 117 B
565 B 52ms
43ms XHR
text/javascript 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98f5c3b46098e0b6795576a28d98a7e691d19580c821ca06a624648eadff8970

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 117
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
589 B 179ms
172ms XHR
application/json 2600:9000:2156:9a00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:9a00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:38 GMT
Via: 1.1 d41256fff4c52560b6f36cf42caee95d.cloudfront.net (CloudFront), 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2, FRA50-C1
x-amzn-RequestId: 7ba0c039-9375-4c2f-81b5-693368a6c159
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: A6G6jGiLyK4FtSw=
Content-Length: 23
X-Amz-Cf-Id: onCtpQkvegElmhPZdEH0s8vRh4ZPsvx71bS0HnXOGqJhqA7Q7A8kGw==

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 28ms
6ms Script
application/javascript 2600:9000:200d:a400:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:a400:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 09:35:05 GMT
server: AmazonS3
age: 689
date: Wed, 02 Oct 2019 00:01:09 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA50
x-amz-cf-id: pidFyEEdVVIvRT9VipeUhWUcamh_cov95pybfR9H77KxhgZiRlLolQ==
via: 1.1 7f0216233154388a0ffe191ece5a7b12.cloudfront.net (CloudFront)

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 39ms
38ms XHR
text/html 34.246.252.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-252-247.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 02 Oct 2019 00:12:38 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3A2D 42 B
117 B 15ms
14ms Image
image/gif 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfD6Usoge86F0CaOOPYlsPk49iUkRFR3Gg651ccfcmO_tYzKAvyIdrk4SpGYG3ekFJAgKYk1ZaQU3buP6gWCaTNFlp9RDCKlNQBBFLN58&sig=Cg0ArKJSzI0DWpQE73--EAE&adk=442451065&tt=1119&bs=1585%2C1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&p=0,0,90,728&mcvt=1018&rs=3&ht=0&tfs=105&tls=1123&mc=1&lte=1&bas=0&bac=0&met=no&avms=nio&niot_obs=4&niot_cbk=33&md=2&lm=2&rst=1569975158267&rpt=161&isd=0&oseid=3&xdi=0&ps=1585%2C3107&ss=1600%2C1200&pt=5&bin=1&deb=1-1-1-7-12-6-15-11-0-0-0&tvt=1120&is=728%2C90&iframe_loc=http%3A%2F%2Fraovat.4umer.com%2Ft151645-topic&r=v&id=osdim&vs=4&za&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Oct 2019 00:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
588 B 9ms
9ms XHR
application/json 2600:9000:2156:9a00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:9a00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://raovat.4umer.com/t151645-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 02 Oct 2019 00:12:38 GMT
Via: 1.1 d41256fff4c52560b6f36cf42caee95d.cloudfront.net (CloudFront), 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2, FRA50-C1
x-amzn-RequestId: 7ba0c039-9375-4c2f-81b5-693368a6c159
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
x-amz-apigw-id: A6G6jGiLyK4FtSw=
Content-Length: 23
X-Amz-Cf-Id: UkHzdj3AF8El3GRR-PRexi3iGSSp7ckSb6Q6b97Rl5PqfBpxnbs3Tg==

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.4umer.com/	1970-01-19 21:37:27	Name: __gads Value: ID=dcfd2441a98d7dd0:T=1569975158:S=ALNI_MbBhNnFoLrLYhjbACApmEyS4o90zw
raovat.4umer.com/	1969-12-31 23:59:59	Name: toolbar_state Value: fa_show
.raovat.4umer.com/	1970-01-19 04:06:16	Name: __utmb Value: 84484378.2.10.1569975158
.raovat.4umer.com/	1970-01-19 08:29:03	Name: __utmz Value: 84484378.1569975158.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.raovat.4umer.com/	1970-01-19 21:37:27	Name: __utma Value: 84484378.864735235.1569975158.1569975158.1569975158.1
.raovat.4umer.com/	1970-01-19 04:06:15	Name: __utmt Value: 1
.raovat.4umer.com/	1970-01-19 04:27:51	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.4umer.com/	1970-01-19 04:06:15	Name: _gat_gtag_UA_144337024_1 Value: 1
.4umer.com/	1970-01-19 04:07:41	Name: _gid Value: GA1.2.264764531.1569975158
.raovat.4umer.com/	1969-12-31 23:59:59	Name: __utmc Value: 84484378
.4umer.com/	1970-01-19 21:37:27	Name: _ga Value: GA1.2.864735235.1569975158

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://raovat.4umer.com/t151645-topic(Line 23) Message: {"w":1600,"h":1200}
console-api	log	URL: http://raovat.4umer.com/t151645-topic(Line 188) Message: Failed to register service worker.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
adservice.google.de
api.viglink.com
b.a2gw.com
b.scorecardresearch.com
beacon.s-onetag.com
bidder.criteo.com
cdn.rawgit.com
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
hitsk.in
i.imgur.com
i.servimg.com
i97.servimg.com
illiweb.com
images.dmca.com
maxcdn.bootstrapcdn.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
raovat.4umer.com
raovat.tuoitrevn.net
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nhakhoaava.vn
151.101.12.193
151.101.14.2
151.139.237.11
151.139.242.29
172.217.16.162
178.250.0.130
178.250.0.165
178.33.43.150
198.13.34.38
2.16.186.99
2001:4de0:ac18::1:a:3b
2001:4de0:ac19::1:b:2a
2600:9000:200d:a400:5:9a4c:9b00:93a1
2600:9000:2156:8800:1f:287:d20a:ce1
2600:9000:2156:9a00:5:ae3a:ba00:93a1
2606:4700:30::6812:3807
2606:4700:30::6818:797c
2606:4700:30::681b:8ce7
2606:4700::6810:a10d
2606:4700:e2::ac40:8a18
2a00:1450:4001:800::2004
2a00:1450:4001:806::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2002
2a00:1450:4001:815::200e
2a00:1450:4001:817::200a
2a00:1450:4001:819::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:824::2003
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
34.246.252.247
72.251.249.9
94.23.76.111
99.80.192.46
0035ed075d597ffa4dc9deb3f28776a1d13d337daa1f6be413f13cb51f7dd0fb
02be12aef9119686fd59cb18175cb585e21e46a6aa5ec6b10074e6dd37476eef
02f7429e1f922775f825814370ddc033dba875ce2318b4ba11463d60bcc853f6
031d5c793b10392a1e6e8d5ca80f0b6988bc773a1debb79d277ebed917e92cbe
075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57
0760bb6abffd75a3316d0416c3240161e058e1b9fb5a91db8966b5adf443112a
0d1f196a97c5d36208bb3c0bbddcd989f859e5c344728dbb44b6b6696f6105cf
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10dfcb598d3dd6c0f995f34de110a0612d6e68ee3f9928bcbe1f348084f0d9bf
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
166361649cb058cd61e6f87d19a0b47a859deb79a17396c59d8dd9b1c661bc9f
1925534e08e043e86174c5e2e2fa50889e6c773a82fa3ae83d3365a29e2b50c0
1c63d48288b2612df258f324ae406609042abf0fde2ac3a15d6b20d70b02a377
1ccb56e3c58fce6511ad69d71f3a78357043b451270ee13643a32a118899c36c
20ea9b0f35d57e898e1761b34d5b9d019df3201b0d027908cd02d0656c2960d1
235d503d44efda2814ec2bceae1626390f3c7c8b57bfec42531b927de266758e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
2c459af038b187354a6342ef343b41451f024d3791bb4456c68d998ed9027ec9
2c7a8b34d05698985a9c135034620a43a47bb11b9701867465b4909327f018a3
33b9cfa85ac4128db561c2f1a037e68b359c57a05d41a5ec51315d805e1a06ad
35aefd2d1de0b25d9a5640cf3129dfc507a3c417a7da34f4bb6f9b4a79e19484
35c073a53df4dd054afab9758b90a88846802754ff15fc3b31cc9af133c8a401
3f2a88a252ab5dce2170fff4889f744b5a4943b2863b220a96fec7aa9d0bae71
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4329939a1e757492199e1f1c66634347d40a4c361816ca3eda194dbc31aba4e4
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
4895ea123004a86ed0195e733b973aac213b6ef43487b706a3cda470b32d2322
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
4fd1acd345a275a4bac18996c4de2352999db69b6a14a24bdda89af0e7c4ce3a
50fc7c8cd3a5483fddcd12cd8f5e15f704d5e4e8f147ee2ab2f931791bf208b7
5384a3023793ef64f078ec77235f40a8cb0fe8aa2dfd04fbbbbaf6e292da18c2
53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906
5b9015044ce252559ccbb0cd794d03c995a50f84884b2019293782fb7fe8874f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f224a13a15499778526423761125cbae8b8063bf0f90a46862671e17ccc9e7b
63f4f82cf06f230550429133b1cdc57ece980f534134bc947aabbdedb58fb612
6467ef7c6f800ba0be91edfecdbfd7b34d76b0af760878606cb49f8da3bd139c
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
690a9c5e2ba9f5cfb4bb225bf84b658d899b75825472da0851845edb636463dd
6ca20cfedac5fd9258f9f8355b713ae92a640b2ebdd2b048182e0b7eafa1a9fe
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6dfae39ef39c719aa2b6a01ad6b46d8d28f080bd935a7a0b2cdebd41dec451e9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d01bdeaddc4a197b7464fa3319ee6fd20ad425bb14ae321ebcf3b0726ea0408
811d82c552e689c78fe3aa0c272ce60168ff969fbf23c7b7249ce8eefe5971e0
831d19d3c80ca082ccf9394743c71280aa5a2b7c40b8176382eb1ce20ad06ae7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84193816087e802c9209355842e4d99b9dc73cea9179921c8070da4dcc139b7d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f54301c324d81a1d069061f8932c853d1ac44fdc77298340743310ec32c4aa7
90e83f9812d4235e44151847751420c1b53a05a31415446dd467c85720f6e143
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
98f5c3b46098e0b6795576a28d98a7e691d19580c821ca06a624648eadff8970
9a064cb03f4d284288b7ac46e8a3b0b30492a89c4219d1f91de96b4ce224493e
9fc64234adef2ec886ef2f655f20ee3c67efc568b0f47b1137e26681ef986d02
a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a7708a738c64bd02df7ae231ab503159ab3336fa03de1853675631309ec07ada
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b
b5dcc348dfc17febe1b10d98e56cf012bd92b93de5a6656afdc42d930bec152b
b844a2bb8061f0b3382e300f63fb07d62a08cca0d9eceb0c995ddc2b118fc062
bb092cc53aa842d93f42f54f6129ca2d834e280e0a172bafc4ec13688a8d7d4c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2321a9b67cdba84c641ef6c4e52468e8d3494b5555b23593d44e6a3cb4d922c
d30e29b659f8e2954bbaa36e307eb9664c15389c5def1699380c421d1e2057ed
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
da281a874974bf0c9518ccd03db9c96e1f69bfbb72ad62bee649c400d97e4899
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ede50408d9975eb59f99b6525984e2c1cf091977e1bbc37d49a1aee6e75bcc90
ee4b6ac81622a15d376488d3a25228b90de031ac08f84dd9e1c4d2918c4a751a
eea9767f3e2c171b55a01fd5da2da5ce658ae3f4e3b6c49cee0659bb38237f6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ec3e538f687c5ea7065b9a3be9c91ec6f78e10dc99e269254548c22d23a699
f2b57c5797018dd0ef9c1c8386ef46d1d27c13ea0615617ffd6e7012074e6948
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc
f6f0736f1f421aab99f9eb3920f692dfe595183dd40717646aa3093888c55d66
fc51db94b970a9bb97b2da239f55a65b05bc6b1c70bc39aee12cd8f835d83f8e
fe6d42f3670bd140d05899fd0bc6161882da3f9fb4173f241148836279fa5477

raovat.4umer.com Open in urlscan Pro 94.23.76.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

112 Requests

71 %HTTPS

62 %IPv6

31 Domains

39 Subdomains

37 IPs

9 Countries

1507 kBTransfer

3768 kBSize

11 Cookies

19 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

raovat.4umer.com Open in urlscan Pro
94.23.76.111 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

71 %
HTTPS

62 %
IPv6

31
Domains

39
Subdomains

37
IPs

9
Countries

1507 kB
Transfer

3768 kB
Size

11
Cookies

112 HTTP transactions
3 data transactions