nhadat.forum.st Open in urlscan Pro
94.23.159.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nhadat.forum.st/t92156-topic
Submission: On September 15 via manual (September 15th 2019, 2:56:49 pm UTC) from VN

Summary HTTP 141 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 33 domains to perform 141 HTTP transactions. The main IP is 94.23.159.185, located in London, United Kingdom and belongs to OVH, FR. The main domain is nhadat.forum.st.

This is the only time nhadat.forum.st was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	94.23.159.185 94.23.159.185	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2606:4700:e2:... 2606:4700:e2::ac40:8a18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
19	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2606:4700:30:... 2606:4700:30::6812:3807	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:400c:c00::52	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	103.74.123.4 103.74.123.4	18403 (FPT-AS-AP...) (FPT-AS-AP The Corporation for Financing & Promoting Technology)
2	2606:4700:10:... 2606:4700:10::6814:17fa	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
15	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2606:4700:30:... 2606:4700:30::6818:787c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	202.182.98.49 202.182.98.49	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
1 4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 5	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:a20d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700:30:... 2606:4700:30::681c:e2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.8.3.174 23.8.3.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	69.173.144.155 69.173.144.155	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	18.202.51.56 18.202.51.56	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 6	99.80.15.126 99.80.15.126	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:205... 2600:9000:2057:de00:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
2	2600:9000:205... 2600:9000:2057:200:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:205... 2600:9000:2057:1800:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.249.204.108 34.249.204.108	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
141	42

2 94.23.159.185 (London, United Kingdom)

ASN16276 (OVH, FR)

nhadat.forum.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:e2::ac40:8a18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:30::6812:3807 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::52 (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

mudim.googlecode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.74.123.4 (Viet Nam) 2 redirects

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
PTR: cp123004.bkns.com.vn

www.sonsochu.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:17fa (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

remitano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:30::6818:787c (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.182.98.49 (Heiwajima, Japan)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 202.182.98.49.vultr.com

www.bandatnendongnai.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:e2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

connect.topicit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.3.174 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-3-174.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.51.56 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-202-51-56.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.15.126 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:de00:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:200:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1800:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.204.108 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com

b.a2gw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	344 KB
14	servimg.com i.servimg.com	193 KB
13	illiweb.com illiweb.com	25 KB
11	googletagservices.com www.googletagservices.com	251 KB
9	viglink.com 2 redirects cdn.viglink.com api.viglink.com	33 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	200 KB
8	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	59 KB
6	google.de adservice.google.de www.google.de	1 KB
5	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com s.update.rubiconproject.com eus.rubiconproject.com	10 KB
5	google-analytics.com 1 redirects www.google-analytics.com	35 KB
5	hitsk.in 1 redirects hitsk.in	8 KB
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com beacon.s-onetag.com	22 KB
4	facebook.com staticxx.facebook.com www.facebook.com
4	sonsochu.com.vn 2 redirects www.sonsochu.com.vn	211 B
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	addthis.com 1 redirects s7.addthis.com	115 KB
3	google.com 1 redirects www.google.com adservice.google.com	1 KB
3	criteo.net static.criteo.net	26 KB
3	facebook.net connect.facebook.net	60 KB
2	taboola.com cdn.taboola.com	130 KB
2	remitano.com remitano.com	55 KB
2	googlecode.com mudim.googlecode.com
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	forum.st nhadat.forum.st	71 KB
1	a2gw.com b.a2gw.com
1	lijit.com ce.lijit.com	532 B
1	addthisedge.com v1.addthisedge.com	373 B
1	topicit.net connect.topicit.net	2 KB
1	gstatic.com www.gstatic.com	92 KB
1	criteo.com bidder.criteo.com	212 B
1	bandatnendongnai.vn www.bandatnendongnai.vn	244 KB
1	googleadservices.com partner.googleadservices.com	750 B
1	googletagmanager.com www.googletagmanager.com	26 KB
141	33

	Domain	Requested by
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net nhadat.forum.st tpc.googlesyndication.com
14	i.servimg.com	nhadat.forum.st
13	illiweb.com	nhadat.forum.st pagead2.googlesyndication.com
11	www.googletagservices.com	nhadat.forum.st pagead2.googlesyndication.com securepubads.g.doubleclick.net optimized-by.rubiconproject.com
7	platform.twitter.com	nhadat.forum.st ajax.googleapis.com platform.twitter.com
6	api.viglink.com	2 redirects cdn.viglink.com
6	pagead2.googlesyndication.com	nhadat.forum.st pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com nhadat.forum.st
5	hitsk.in	1 redirects nhadat.forum.st
4	www.sonsochu.com.vn	2 redirects nhadat.forum.st
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	b.scorecardresearch.com	1 redirects cdn.taboola.com nhadat.forum.st
3	www.facebook.com	ajax.googleapis.com connect.facebook.net
3	cdn.viglink.com	nhadat.forum.st
3	s7.addthis.com	1 redirects nhadat.forum.st s7.addthis.com
3	static.criteo.net	nhadat.forum.st
3	connect.facebook.net	nhadat.forum.st connect.facebook.net
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.taboola.com	nhadat.forum.st cdn.taboola.com
2	remitano.com	nhadat.forum.st
2	mudim.googlecode.com	nhadat.forum.st
2	www.google.com	1 redirects nhadat.forum.st
2	nhadat.forum.st	nhadat.forum.st
1	b.a2gw.com	nhadat.forum.st
1	beacon.s-onetag.com	get.s-onetag.com
1	ce.lijit.com	nhadat.forum.st
1	get.s-onetag.com	nhadat.forum.st
1	eus.rubiconproject.com	nhadat.forum.st
1	s.update.rubiconproject.com	nhadat.forum.st
1	beacon-eu2.rubiconproject.com	nhadat.forum.st
1	syndication.twitter.com	1 redirects
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	v1.addthisedge.com	s7.addthis.com
1	connect.topicit.net	nhadat.forum.st
1	fonts.googleapis.com	ajax.googleapis.com
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	nhadat.forum.st
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	www.bandatnendongnai.vn	nhadat.forum.st
1	partner.googleadservices.com	nhadat.forum.st
1	www.googletagmanager.com	nhadat.forum.st
1	ajax.googleapis.com	nhadat.forum.st
141	48

This site contains links to these domains. Also see Links.

Domain
louiscity.net
www.sonsochu.com.vn
www.ttc-group.vn
remitano.com
www.goldmarkcity136.vn
duanngoinhamoi.com
www.forumvi.com
help.forumotion.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2018-10-19` - `2019-10-19`	a year	crt.sh
caodangmientrung.com cPanel, Inc. Certification Authority	`2019-07-24` - `2019-10-22`	3 months	crt.sh
ssl516184.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
sni165043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-09` - `2020-03-17`	6 months	crt.sh
bandatnendongnai.vn COMODO RSA Domain Validation Secure Server CA	`2018-08-15` - `2020-08-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-06-06` - `2020-09-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
topicit.net CloudFlare Inc ECC CA-2	`2018-11-06` - `2019-11-06`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
kazfv.com Sectigo ECC Domain Validation Secure Server CA	`2019-06-05` - `2020-06-04`	a year	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh
*.a2gw.com Amazon	`2018-10-22` - `2019-11-22`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://nhadat.forum.st/t92156-topic
Frame ID: C05E3788E8BC0F55C72A1E302F2F8EE3
Requests: 87 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js
Frame ID: 64E92985B0529A017FA0B97335810C3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html
Frame ID: 5B831F4BFAA64A5F678CD1F6A7E54055
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C373BB95F4F0254D9C4C4270DA1E936E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568559390&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ea=0&flash=0&pra=5&wgl=1&dt=1568559390291&bpp=7&bdt=161&fdt=92&idt=93&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8137795696527&frm=20&pv=2&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=821553078&ga_fc=0&iag=0&icsg=10784&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=423550201&oid=3&pg_h=1404&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.ps1admteej8v&fsb=1&dtd=108
Frame ID: 3D59C7F97E4B0B4F24B76C88671BE97D
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: A6AC1F96DDA0432723D166E40520F6FE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 862382C70BFB3D3B49650B825AA0D36B
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 9B9C7B5303F11B97F0CCA53DC3E3592A
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
Frame ID: C2DAA091416F29F8211860DB6A6CE6CE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3576000a4f37f%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff2f398b2b0256e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false
Frame ID: 2EC3B97F52222CE94EF714244E9767AC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=http%3A%2F%2Fnhadat.forum.st
Frame ID: 6CE21DFC75794D112DA08B411E044ED6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Frame ID: 08749F5717280C69AB6FB22EF190889C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Frame ID: 9BB018C5D42B0BCDCAA5941699541917
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHZf8kMS-eMQMlgDAtRvAkueRlsVFOViXnZD-7k1pDPvQpMVQYaRbxleRrObGzAiUHYCpPuJcFtK074xlOVuGxgLEXISK_uoJQjr943kMwsboBZt_RXNaz0BssXfzb1o2mhVygkghSvTB8JXyn4FMVrhB9oMXlHFyyesW1N25arovEyWUqMqtgWwrEk_2-ausXKt3peBFxHEZwB03pieY1R0t7_hdXd4jEgwuRV5hwua5C3M1r3VkbGmniaKpMqw&sig=Cg0ArKJSzJo2i_erxUsrEAE&urlfix=1&adurl=
Frame ID: 2184D7EDB74260631738991DF00C2FBB
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: F2815E97E2BC345F5EA37DDDBD12F512
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1
Frame ID: BC22505E082FA7E4C83131CBD5ED4320
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 5C31A54E21705B62AA2630573C235FE9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 09582D5F44DDBCC93D3FAAB946FF5177
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190911/r20110914/elements/html/impression/delayed_impression_vu_simple_fetch_fy2019.js
Frame ID: B19C9389D31E4B3B510085CF511B9FDF
Requests: 5 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=800376867
Frame ID: 72A8C54B3F0C563200CA9E07635FADCE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

141
Requests

77 %
HTTPS

58 %
IPv6

33
Domains

48
Subdomains

42
IPs

10
Countries

2037 kB
Transfer

4928 kB
Size

20
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://louiscity.net/

Search URL Search Domain Scan URL

URL: https://www.sonsochu.com.vn/

Search URL Search Domain Scan URL

URL: http://www.ttc-group.vn/trang-tuyen-dung#nhan-vien-kinh-doanh

Search URL Search Domain Scan URL

URL: https://remitano.com/vn?ref=dnn2018

Search URL Search Domain Scan URL

URL: http://www.goldmarkcity136.vn/

Search URL Search Domain Scan URL

URL: http://duanngoinhamoi.com/
Title: ngôi nhà mới

Search URL Search Domain Scan URL

URL: https://www.sonsochu.com.vn/dang-ky-mo-dai-ly-phan-phoi-son-sochu-nano-nhat-ban
Title: tìm đại lý phân phối sơn

Search URL Search Domain Scan URL

URL: http://www.forumvi.com/create-forum/phpbb3
Title: Free forum

Search URL Search Domain Scan URL

URL: https://www.forumvi.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banner1.png HTTP 302
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

Request Chain 33

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 37

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banners-2.png HTTP 302
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

Request Chain 45

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 61

http://hitsk.in/t/12/15/30/i_icon_online.gif HTTP 302
https://hitsk.in/t/12/15/30/i_icon_online.gif

Request Chain 63

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=821553078&t=pageview&_s=1&dl=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=838254249&gjid=1641476315&cid=811161483.1568559390&tid=UA-144347007-1&_gid=1535319964.1568559390&_r=1&gtm=2ou941&z=484193406 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_gid=1535319964.1568559390&gjid=1641476315&_v=j79&z=484193406 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_v=j79&z=484193406 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_v=j79&z=484193406&slf_rd=1&random=3569330026

Request Chain 69

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1953576079&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390454&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1364990823&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQBAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1953576079&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390454&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1364990823&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQBAAAE~

Request Chain 70

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1868618900&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390457&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAQBAAAE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1868618900&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390457&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAQBAAAE~

Request Chain 92

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568559390614&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568559390614&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9=

Request Chain 113

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 125

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 126

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
http://ce.lijit.com/merge?pid=8008&3pid=2c6fa9e2efc8591b38d56b4db2c71cea

141 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request t92156-topic Show response
nhadat.forum.st/ 65 KB
16 KB 239ms
221ms Document
text/html 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://nhadat.forum.st/t92156-topic

Protocol

HTTP/1.1

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

fcbe0e52986350dd06720959cac45ad3cd91a69a44012bef9027d590f1327d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Host: nhadat.forum.st
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Pragma: no-cache
Expires: Sun, 15 Sep 2019 00:00:00 GMT
Last-Modified: Sun, 15 Sep 2019 14:56:30 GMT
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Access-Control-Allow-Origin: *
X-Cache-NE: MISS
Content-Encoding: gzip

GET
H/1.1 200
OK 0-ltr.css
nhadat.forum.st/ 151 KB
55 KB 70ms
65ms Stylesheet
text/css 94.23.159.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://nhadat.forum.st/0-ltr.css

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

HTTP/1.1

Security

, ,

Server

94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

49634ba201ae609a6a5935ce7c0a3c64b8515f5b8f7fafcf7ba9c0475f7a8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Sep 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 55843
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 10:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1397570
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Aug 2020 10:43:40 GMT

GET
H2 200 vi.js Show response
illiweb.com/rs3/51/frm/lang/ 70 KB
16 KB 59ms
15ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/lang/vi.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 348909
cf-polished: origSize=71234
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Mon, 09 Sep 2019 08:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Mon, 14 Sep 2020 14:56:30 GMT
cache-control: public, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 516b729cb887c2e5-FRA
cf-bgj: minify

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

673f7fa223246af1701b09c14c845a679f9b048c135fd0bb987e4564932d6f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z9bPfqsLs3BchIpAJv50RA==
status: 200
vary: Accept-Encoding
content-length: 1781
x-fb-debug: DO2egK1TU6NcE3rLy5aJtliG+KIr+GdL7GCkWmsMkp0Egu1GS9/p/Q3rCpeSmCislW2gfplFxL+MLsDVFOtPVA==
x-fb-trip-id: 420120009
x-fb-content-md5: 23c551472ebe476fe2083ded5f6dd334
etag: "5cf471338a3514f934b340ffddbc3f7b"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:57:53 GMT

GET
H2 200 fb_login.js Show response
illiweb.com/rs3/51/frm/ograph/ 2 KB
730 B 56ms
13ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/ograph/fb_login.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a25ffd0157934358e43303fb3d068256095cf6bc686fc8b1c72b39fe222e73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 349181
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 516b729cc889c2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 ticker.css
illiweb.com/rs3/51/frm/jquery/ticker/ 388 B
246 B 55ms
12ms Stylesheet
text/css 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/ticker/ticker.css

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 349182
cf-polished: origSize=390
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
expires: Mon, 14 Sep 2020 14:56:30 GMT
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 516b729cb885c2e5-FRA
cf-bgj: minify

GET
H2 200 ticker.js Show response
illiweb.com/rs3/51/frm/jquery/ticker/ 7 KB
1 KB 57ms
14ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/ticker/ticker.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 349174
cf-polished: origSize=8803
status: 200
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 27 Aug 2019 14:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
expires: Mon, 14 Sep 2020 14:56:30 GMT
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 516b729cc88ac2e5-FRA
cf-bgj: minify

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 82 KB
25 KB 53ms
26ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Jul 2019 22:21:06 GMT
Server: nginx
ETag: W/"5d38d9d2-14765"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Timing-Allow-Origin: *
Expires: Mon, 16 Sep 2019 14:56:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
26 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:820::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d8b76ce721e4684e231dce5ac0c227a4220a2c054c94613924835750824b544

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
last-modified: Sun, 15 Sep 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26911
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/51/frm/jquery/cookie/ 1011 B
884 B 53ms
11ms Script
application/x-javascript 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/51/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 349182
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: MISS
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: MISS
cf-ray: 516b729cc88cc2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
537 B 17ms
16ms Script
text/javascript 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 448
x-xss-protection: 1; mode=block
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 96 KB
35 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea955cabe710b582d2dab5a5659f00c789af91e5a1fb8a1678e5cc69c82f107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13665209909426514778
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35377
X-XSS-Protection: 0
Expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 okok0110.gif
i.servimg.com/u/f49/16/89/24/22/ 62 KB
62 KB 65ms
18ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/okok0110.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55324a12c6a457bef25d9b69a12e32c82fcc4e4de60f327497a68e79faad754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 62979
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-f603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729cced8cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H/1.1 404
Not Found mudim-0.8-r126.js
mudim.googlecode.com/files/ 0
0 30ms
14ms Script
text/html 2a00:1450:400c:c00::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://mudim.googlecode.com/files/mudim-0.8-r126.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c00::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
161 B 10ms
10ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17936051
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d2a17c2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 tranh_10.png
i.servimg.com/u/f49/16/89/24/22/ 817 B
927 B 16ms
16ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tranh_10.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c989150dada9ab8cd2b204788e7f30ea067372f849833b9ead2938a096db9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 817
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d3feccbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 dien_d13.png
i.servimg.com/u/f49/16/89/24/22/ 811 B
889 B 20ms
15ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dien_d13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1ec13fc84d5296e1b1332ebff97d5e783238341bfc5adcec2e3d1631d7b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 811
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-32b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5820cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 tro_gi13.png
i.servimg.com/u/f49/16/89/24/22/ 750 B
828 B 27ms
23ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tro_gi13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1bd7d449c312e3f1395dade6040e69514b646a495051dbd87f6cff386239eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 750
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-2ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5822cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 tim_ki13.png
i.servimg.com/u/f49/16/89/24/22/ 685 B
763 B 32ms
28ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/tim_ki13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec4fb05ff94d7a46463cf9920e089852f81ad10bdfd03b4f3741c88602ee00b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 685
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5823cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 thanh_13.png
i.servimg.com/u/f49/16/89/24/22/ 789 B
868 B 19ms
15ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/thanh_13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a525e9410427b0509fe2214292dcf2f342dbaaaafe41a3eb33e3b6a28688f7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 789
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:44 GMT
server: cloudflare
etag: "5458c550-315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5824cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 dang_k13.png
i.servimg.com/u/f49/16/89/24/22/ 860 B
939 B 27ms
23ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dang_k13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2ac2019375eb1e51e20fdd63a65eb9c94964a8da0633fe76718d6d0c7decff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 860
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-35c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5825cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 dang_n13.png
i.servimg.com/u/f49/16/89/24/22/ 861 B
940 B 19ms
16ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dang_n13.png

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef7a93fa3f7be107e4de1d65b50da318841b0f08bdeafff4a62277f17e7c6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 861
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:45 GMT
server: cloudflare
etag: "5458c551-35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5826cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2

200

suspendedpage.cgi
www.sonsochu.com.vn/cgi-sys/
Redirect Chain

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banner1.png
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

0
0

267ms
267ms

Image
text/html

103.74.123.4
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.74.123.4 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS: cp123004.bkns.com.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Sep 2019 14:56:30 GMT
server: LiteSpeed
status: 302
content-type: text/html
location: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length: 681

GET
H2 200 louis-10.gif
i.servimg.com/u/f11/16/90/56/73/ 18 KB
18 KB 20ms
17ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/louis-10.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c78642b1b256f276db999a53f10c1c638abc3d01f31aadd48894c18d4bc215f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 18171
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Aug 2017 10:41:03 GMT
server: cloudflare
etag: "598843bf-46fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5828cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 21010110.gif
i.servimg.com/u/f11/16/90/56/73/ 18 KB
18 KB 31ms
28ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/21010110.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b41fda21beefc30d61f983ea8764572e82499e3bd7ccf1d25ee0701b3acb79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 18386
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Sep 2017 02:53:31 GMT
server: cloudflare
etag: "59b0b4ab-47d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5829cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 remi970x90.png
remitano.com/banners/vn/ 29 KB
29 KB 594ms
535ms Image
image/png 2606:4700:10::6814:17fa
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://remitano.com/banners/vn/remi970x90.png
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:17fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c2ce2107c4196e933dd1cb15b07adb3e8245a9e6b96066562c49033aacd239f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Sep 2019 11:50:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7416-16d2a75d788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 516b729da993cba4-VIE
content-length: 29718
expires: Sun, 15 Sep 2019 18:56:30 GMT

GET
H2 200 google_service.js Show response
partner.googleadservices.com/gampad/ 1 KB
750 B 25ms
5ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_service.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 373
x-xss-protection: 0
server: cafe
etag: 953604975598805376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 15:12:44 GMT

GET
H2 200 i_down_arrow.gif
hitsk.in/t/12/15/30/ 357 B
437 B 71ms
24ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_down_arrow.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70a5676138000a3c1c75120e9e961af1a97d62e28a5d02ce512fc54bd7b2380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 357
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Aug 2008 14:51:53 GMT
server: cloudflare
etag: "48a44689-165"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d98638c8c-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 i_icon_minipost.gif
hitsk.in/t/11/16/45/ 790 B
1 KB 67ms
20ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/11/16/45/i_icon_minipost.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

facb3e5741e7c0bdef290f3b75a5b221b30908330d428630e4bea4e1e7555ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 790
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 15:00:26 GMT
server: cloudflare
etag: "4cc83e8a-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d98648c8c-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 ban-dat-trang-bom-an-vien.jpg
www.bandatnendongnai.vn/wp-content/uploads/2019/04/ 243 KB
244 KB 814ms
263ms Image
image/jpeg 202.182.98.49
Choopa

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandatnendongnai.vn/wp-content/uploads/2019/04/ban-dat-trang-bom-an-vien.jpg
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.182.98.49 Heiwajima, Japan, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 202.182.98.49.vultr.com
Software: Nginx / Bandatnendongnai
Resource Hash: 6868d74127ba9b30860f736c99cbdc77e7e4979a03d9028e525552b252d52143

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
last-modified: Thu, 18 Jul 2019 02:50:00 GMT
server: Nginx
x-powered-by: Bandatnendongnai
etag: "5d2fde58-3cc7c"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 248956
expires: Tue, 15 Oct 2019 14:56:30 GMT

GET
H2 200 newmem10.jpg
i.servimg.com/u/f73/12/53/31/94/ 1 KB
1 KB 25ms
22ms Image
image/jpeg 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f73/12/53/31/94/newmem10.jpg

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c662377c5cb31fe72c72e0162b44a2cbf811720aab0a80d8cfc30aac9a1376e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 1369
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Dec 2008 04:41:08 GMT
server: cloudflare
etag: "4934bc64-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d582ccbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 icon_user_profile_en.gif
illiweb.com/fa/subsilver3/ 659 B
768 B 15ms
12ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/subsilver3/icon_user_profile_en.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21fdee7b0b8fe6e50ae8757d088eec9d41f83e2e6b1fafd73dea3deb5452c81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19032552
status: 200
content-length: 659
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:02:05 GMT
server: cloudflare
etag: "5739a8ad-293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d4ad4c2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 i_up_arrow.gif
hitsk.in/t/12/15/30/ 356 B
459 B 68ms
22ms Image
image/gif 2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_up_arrow.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aee7e72f173d63fbd15c24521847ab7d25f3a570d1bc132d5be26653bcedd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 356
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Aug 2008 14:51:53 GMT
server: cloudflare
etag: "48a44689-164"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d98668c8c-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

349 KB
113 KB

43ms
30ms

Script
application/javascript

23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 20:38:55 GMT
server: nginx/1.15.8
etag: W/"5d795b5f-5755d"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Sun, 15 Sep 2019 14:56:30 GMT
x-host: s7.addthis.com
content-length: 115051

Redirect headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 icon_mini_search.gif
illiweb.com/fa/ 238 B
322 B 13ms
11ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/icon_mini_search.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17894895
status: 200
content-length: 238
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d4ad7c2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 dien_d10.gif
i.servimg.com/u/f49/16/89/24/22/ 21 KB
21 KB 20ms
18ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f49/16/89/24/22/dien_d10.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79da493095f8897605de282590eb6f2746fe9a72a0d4c2a499b048565a04ede6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 21600
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Nov 2014 12:23:46 GMT
server: cloudflare
etag: "5458c552-5460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d582fcbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 remi200x200.png
remitano.com/banners/vn/ 26 KB
26 KB 595ms
537ms Image
image/png 2606:4700:10::6814:17fa
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://remitano.com/banners/vn/remi200x200.png
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:17fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 80e452e1f9cc09e9f4afc6ea675ffd329c0c375af071ccd3dde49e9e3f8c3be0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Sep 2019 11:50:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6687-16d2a75d788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 516b729da997cba4-VIE
content-length: 26247
expires: Sun, 15 Sep 2019 18:56:30 GMT

GET
H2

200

suspendedpage.cgi
www.sonsochu.com.vn/cgi-sys/
Redirect Chain

https://www.sonsochu.com.vn/wp-content/uploads/2017/11/banners-2.png
https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi

0
0

264ms
264ms

Image
text/html

103.74.123.4
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.74.123.4 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS: cp123004.bkns.com.vn
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 15 Sep 2019 14:56:30 GMT
server: LiteSpeed
status: 302
content-type: text/html
location: https://www.sonsochu.com.vn/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length: 681

GET
H2 200 louis-11.gif
i.servimg.com/u/f11/16/90/56/73/ 34 KB
34 KB 21ms
20ms Image
image/gif 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/louis-11.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbdded36da71b3cd95ebcc0e44adca2e2f6e92cfdf60635d94735a96308f48a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 34551
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Aug 2017 10:43:43 GMT
server: cloudflare
etag: "5988445f-86f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5831cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 goldma10.jpg
i.servimg.com/u/f11/16/90/56/73/ 32 KB
32 KB 25ms
24ms Image
image/jpeg 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f11/16/90/56/73/goldma10.jpg

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed46ff2bc02a51fa12d7e3223b20001a4ed8cf5acfcbfc8e9786996745f0adcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 32680
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Aug 2017 10:02:38 GMT
server: cloudflare
etag: "5994183e-7fa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d5835cbc0-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 187 KB
56 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

732c12aebb5b2bf8f7391cff1a38844f27453dd0b9f91369d7d120d6b1ad4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
Origin: http://nhadat.forum.st
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ie5Ggksw3ARc74u+UCU4Aw==
status: 200
content-length: 56477
etag: "ecbe6643a54ac06bb02bd17a1ac7d2b7"
x-fb-debug: slOEwH4wkX9jSLUb3f2vtVBQ8Ty3qsxopqjN3zyyy4KozIC8BvOcukSx7ELFW+qSrZaJYK+XZ7FAEzUQK3ghyw==
x-fb-trip-id: 420120009
x-fb-content-md5: 4906c68ba607d450241c5aa9f19474ad
x-frame-options: DENY
date: Sun, 15 Sep 2019 14:56:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 14 Sep 2020 13:17:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 777
date: Sun, 15 Sep 2019 14:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sun, 15 Sep 2019 16:43:33 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forforumotion-vi/ 64 KB
18 KB 110ms
103ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 341c18f0561ecad04421132132fdd7306fa3134f65aa6e7e4a0a8b78dd929051

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 7L.p.klH3dM9grh.mNQTo9hZBR7XkSI8
Content-Encoding: gzip
ETag: "1738146ca3e16eae031224532cfa1eb7"
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 17615
x-amz-id-2: zww5ePz5EeWKXDAAr0CNwR3nbaOSba2xpm9/x8LmfDpdx6Y8G9JApvvNeG5U5oFIn2GxNpjnQsk=
X-Served-By: cache-hhn4048-HHN
Last-Modified: Wed, 11 Sep 2019 14:55:29 GMT
Server: AmazonS3
X-Timer: S1568559390.328215,VS0,VE98
Date: Sun, 15 Sep 2019 14:56:30 GMT
Vary: Accept-Encoding
x-amz-request-id: A7D80827D2B65B0D
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 55
X-Cache-Hits: 1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
212 B 30ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=68&profileId=206&cb=69358553591
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: http://nhadat.forum.st
date: Sun, 15 Sep 2019 14:56:29 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ 264 KB
92 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 1408708
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 94196
x-xss-protection: 0
expires: Sat, 29 Aug 2020 07:38:02 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

5ms
5ms

Script
text/javascript

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2722
date: Sun, 15 Sep 2019 14:11:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17168
expires: Sun, 15 Sep 2019 16:11:08 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found mudim-0.8-r126.js
mudim.googlecode.com/files/ 0
0 15ms
14ms Script
text/html 2a00:1450:400c:c00::52
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://mudim.googlecode.com/files/mudim-0.8-r126.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:400c:c00::52 Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 bg_header.gif
illiweb.com/fa/prosilver/ 682 B
766 B 11ms
10ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/bg_header.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1168340
status: 200
content-length: 682
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d4accc2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 corners_left.gif
illiweb.com/fa/prosilver/ 55 B
139 B 12ms
11ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/corners_left.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10586073
status: 200
content-length: 55
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d4acec2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 corners_right.gif
illiweb.com/fa/prosilver/ 54 B
161 B 11ms
11ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/corners_right.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19032885
status: 200
content-length: 54
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:00:36 GMT
server: cloudflare
etag: "5739a854-36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d4ad2c2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
476 B 29ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nhadat.forum.st

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 18ms
18ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nhadat.forum.st

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ 222 KB
82 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 64E9 222 KB
82 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/ Frame 5B83 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190911/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 12 Sep 2019 14:01:50 GMT
expires: Thu, 26 Sep 2019 14:01:50 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 262480
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 sprite_prosilver_navbar.png
illiweb.com/fa/ 3 KB
3 KB 16ms
16ms Image
image/png 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/sprite_prosilver_navbar.png

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18878257
status: 200
content-length: 2994
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:01:50 GMT
server: cloudflare
etag: "5739a89e-bb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d6b3cc2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H2 200 bg_button.gif
illiweb.com/fa/prosilver/ 174 B
259 B 12ms
12ms Image
image/gif 2606:4700:e2::ac40:8a18
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/bg_button.gif

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17898816
status: 200
content-length: 174
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729d6b3ec2e5-FRA
expires: Mon, 14 Sep 2020 14:56:30 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 36ms
18ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Last-Modified: Tue, 09 Dec 2008 16:52:36 GMT
Server: nginx
ETag: "493ea254-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 09 Sep 2020 14:56:30 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 38ms
19ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Last-Modified: Tue, 09 Dec 2008 16:52:36 GMT
Server: nginx
ETag: "493ea254-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 09 Sep 2020 14:56:30 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 12ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/40B4)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 all.js Show response
connect.facebook.net/vi_VI/ 3 KB
2 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VI/all.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7cab80216e76ca45311b4ab451d8cdf7466633adbdb01feb967e6361ee6998c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ECHAf/6xogunGg3gAzd7MA==
status: 200
content-length: 1779
etag: "166e7ffe664b51db6a77a9f5b97ff006"
x-fb-debug: qjaP8brjxaaq/F1qJneI4cjCm1krPD7g6yg4s21BI70mMToIhTT43Nj54CqGwqvrTpI2tCF0/hQWqXT664HkRQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 1caa84aadcb80508cdee423549401a11
x-frame-options: DENY
date: Sun, 15 Sep 2019 14:56:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Sep 2019 15:16:30 GMT

GET
H2

200

i_icon_online.gif
hitsk.in/t/12/15/30/
Redirect Chain

http://hitsk.in/t/12/15/30/i_icon_online.gif
https://hitsk.in/t/12/15/30/i_icon_online.gif

5 KB
6 KB

15ms
15ms

Image
image/gif

2606:4700:30::6818:787c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/12/15/30/i_icon_online.gif

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:787c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8290b8ae9591719ec9f329dd17790a6b7e633ebd941deca3467285b97e3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nhadat.forum.st/0-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2832
status: 200
content-length: 5573
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 15:49:48 GMT
server: cloudflare
etag: "4cc84a1c-15c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 516b729e88e38c8c-VIE
expires: Mon, 14 Sep 2020 14:56:30 GMT

Redirect headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Server: cloudflare
Vary: Accept-Encoding
Location: https://hitsk.in/t/12/15/30/i_icon_online.gif
Cache-Control: no-cache
Connection: keep-alive
CF-RAY: 516b729dba3b594c-VIE
Content-Length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C373 40 KB
13 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 934 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=821553078&t=pageview&_s=1&dl=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ul=en-us&de=UTF-8&dt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_gid=1535319964.1568559390&gjid=1641476315&_v=j79&z=484193406
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_v=j79&z=484193406
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_v=j79&z=484193406&slf_rd=1&random=3569330026

42 B
109 B

30ms
29ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_v=j79&z=484193406&slf_rd=1&random=3569330026

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=811161483.1568559390&jid=838254249&_v=j79&z=484193406&slf_rd=1&random=3569330026
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3D59 0
0 30ms
29ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568559390&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ea=0&flash=0&pra=5&wgl=1&dt=1568559390291&bpp=7&bdt=161&fdt=92&idt=93&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8137795696527&frm=20&pv=2&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=821553078&ga_fc=0&iag=0&icsg=10784&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=423550201&oid=3&pg_h=1404&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.ps1admteej8v&fsb=1&dtd=108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1679833670506844&output=html&adk=4230865854&adf=2465371114&lmt=1568559390&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&ea=0&flash=0&pra=5&wgl=1&dt=1568559390291&bpp=7&bdt=161&fdt=92&idt=93&shv=r20190911&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8137795696527&frm=20&pv=2&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=821553078&ga_fc=0&iag=0&icsg=10784&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=423550201&oid=3&pg_h=1404&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.ps1admteej8v&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 15 Sep 2019 14:56:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 15-Sep-2019 15:11:30 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Sun, 15 Sep 2019 14:56:30 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame A6AC 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 12 Sep 2020 19:10:09 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: JqXfjpbU40RvdQjylLmE8fu2IubWbqLxAJX5PYbDtYIMOan4M8lN2PcgVQDDA1OkT0RUKyegEhbqhi2zbjerbQ==
content-length: 11704
x-fb-trip-id: 420120009
date: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8623 40 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 124 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9B9C 40 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 964 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1953576079&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%A...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1953576079&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%...

35 B
111 B

15ms
14ms

Image
image/gif

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1953576079&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390454&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1364990823&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQBAAAE~

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1953576079&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390454&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1364990823&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQBAAAE~
Non-Authoritative-Reason: HSTS

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1868618900&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1868618900&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AF...

35 B
109 B

6ms
6ms

Image
image/gif

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1868618900&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390457&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAQBAAAE~

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 20:29:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1016818
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1868618900&utmhn=nhadat.forum.st&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&utmhid=821553078&utmr=-&utmp=%2Ft92156-topic&utmht=1568559390457&utmac=UA-26327096-1&utmcc=__utma%3D258443733.811161483.1568559390.1568559390.1568559390.1%3B%2B__utmz%3D258443733.1568559390.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAQAQBAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 78 KB
28 KB 36ms
23ms Script
text/javascript 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1706495
CF-RAY: 516b729ead218c86-VIE
Connection: keep-alive
Content-Length: 27531
x-amz-id-2: QQEpphTl7TxKUL6dQMqJ/Q57rCsnyZunZv5Vk6t1uzRmKAfzGf4hFzJt65dol/WwwvmfCmRIcnw=
Last-Modified: Mon, 29 Jul 2019 20:54:38 GMT
Server: cloudflare
ETag: "bdefbb6abea5b94d18f16f50ec3ebaae"
Vary: Accept-Encoding
x-amz-request-id: 4E5EC98B2C1F3F7D
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Sun, 15 Sep 2019 15:26:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
822 B 29ms
17ms Font
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
Origin: http://nhadat.forum.st
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 15 Sep 2019 14:56:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 15 Sep 2019 14:56:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame C2DA 0
0 57ms
57ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?locale=en_GB&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-&send=false&layout=standard&width=60&show_faces=false&action=like&colorscheme=light&font&height=60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: l94ELhRnCRYS6qDi/9kg+utb9AOogXEK8bnfo0vZiCBQhOfLLWhOB11t2c6dZAxaovMCBkdrrgkVt5TXTPpEpw==
date: Sun, 15 Sep 2019 14:56:30 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 24ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?_=1568559390490
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E1) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/40E1)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 31ms
31ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=350870611723837&input_token&origin=1&redirect_uri=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
content-length: 0
pragma: no-cache
x-fb-debug: geI4uzY22DSFdhsWAZCvvIyDC6PwNQ+LCzpx+K4f0Jdt5QT8Bv1MHE4ftswsWNK8DIal/LAKPKl+ghLZd7+62A==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Sun, 15 Sep 2019 14:56:30 GMT
x-frame-options: DENY
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 connect.js Show response
connect.topicit.net/scripts/ 3 KB
2 KB 63ms
20ms Script
application/javascript 2606:4700:30::681c:e2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.topicit.net/scripts/connect.js

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:e2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1453
cf-polished: origSize=5437
status: 200
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"5d653880-153d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 516b729eef49cbb0-VIE
expires: Mon, 16 Sep 2019 14:56:30 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 2EC3 0
0 70ms
70ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3576000a4f37f%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff2f398b2b0256e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=c79d113055d2bb4296b0df379b20d7dd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=350870611723837&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3576000a4f37f%26domain%3Dnhadat.forum.st%26origin%3Dhttp%253A%252F%252Fnhadat.forum.st%252Ff2f398b2b0256e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&layout=button_count&locale=vi_VN&sdk=joey&share=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 3d+teuwRNxEoy4IgC5FV9/VxZtXKRGApLqvWyGsbwTph6i2Px+wyLHcoIIcUPP3T+pOBCxTIdp8P6QbjQ3qkgA==
date: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/forumotion/ 166 B
373 B 25ms
23ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/forumotion/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
surrogate-key: forumotion
server: Jetty(9.4.8.v20180619)
etag: 659743217
cache-tag: forumotion
status: 200
cache-control: public, max-age=8, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 166

GET
H/1.1 200
OK widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html
platform.twitter.com/widgets/ Frame 6CE2 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=http%3A%2F%2Fnhadat.forum.st
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:56:30 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C373 158 KB
59 KB 15ms
14ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame C373 113 B
178 B 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK impl.20190911-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ 393 KB
112 KB 5ms
5ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Security: , ,
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Blzyav7I7Fqr90naydKIw6WeS8AJ8pk2
Content-Encoding: gzip
ETag: "46435c29fa55e5bb182a8089f8899af1"
Age: 65
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 113770
x-amz-id-2: TpwWJhvTI2hPC4MqvfN6kcPHT+HJbADzqUA74zo+2QRKfb2VA14qMvLQnsDazZSdOLTYf5jCbYo=
X-Served-By: cache-hhn4048-HHN
Last-Modified: Wed, 11 Sep 2019 13:41:59 GMT
Server: AmazonS3
X-Timer: S1568559391.549722,VS0,VE0
Date: Sun, 15 Sep 2019 14:56:30 GMT
Vary: Accept-Encoding
x-amz-request-id: F64D595A7D85A57A
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 67
X-Cache-Hits: 449

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 12ms
6ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Mon, 16 Sep 2019 14:56:30 GMT

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8623 158 KB
58 KB 14ms
13ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 8623 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9B9C 158 KB
58 KB 14ms
13ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 9B9C 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK button.fc9ebf951a9289ff2153fdd98b8fd4a4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fc9ebf951a9289ff2153fdd98b8fd4a4.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FE) /
Resource Hash: 713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:11:07 GMT
Server: ECS (fcn/40FE)
Etag: "0f356c4c57ab07dd2a1b3edb361aa130+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
551 B 22ms
22ms Image
image/gif 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=8.429015377489364
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 3
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 516b729f3d758c86-VIE
x-amz-request-id: 17C4A8DE225C39CC
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
551 B 34ms
22ms Image
image/gif 2606:4700::6810:a20d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=8.429015377489364
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 3
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 516b729f5a0ccbcc-VIE
x-amz-request-id: 17C4A8DE225C39CC
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=

GET
H2 200 client.vi.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 26ms
13ms XHR
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.vi.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 19:33:54 GMT
server: nginx/1.15.8
status: 200
etag: W/"5d5c4b22-e76"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sun, 15 Sep 2019 14:56:30 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1664

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568559390614&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568559390614&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20...

0
248 B

6ms
6ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568559390614&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9=
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1568559390614&ns_c=UTF-8&cv=3.1&c8=%C6%AFu%20%C4%91%C3%A3i%2C%203%20su%E1%BA%A5t%20ngo%E1%BA%A1i%20giao%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20th%E1%BB%95%20c%C6%B0%20tr%E1%BA%A3ng%20bom%20gi%C3%A1%20r%E1%BA%BB&c7=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&c9=
Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C373 4 KB
3 KB 192ms
192ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1767761420931641&correlator=279323226533278&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21061864%2C21062724%2C21063818%2C21064545&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F3324476%2F728x90-top&sz=728x90&eri=6&cookie_enabled=1&bc=23&lmt=1568559390&dt=1568559390652&dlt=1568559390337&idt=280&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=2&adx=322&ady=488&adk=1505497364&uci=wq2wv8iyg5ac&ifi=1&ifk=2529259803&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=1602339232&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

622ec32e5d5ea993ed155d0c21ae43799507b27ba243e8bfe7b801a30cf7e6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2193
x-xss-protection: 0
google-lineitem-id: 2395396
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 101399525116
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C373 66 KB
25 KB 14ms
14ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame C373 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8623 4 KB
2 KB 193ms
192ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3533525549998245&correlator=478645982147380&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21063964%2C21064526&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F3324476%2F300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1568559390&dt=1568559390700&dlt=1568559390432&idt=258&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=354&ady=1569&adk=3788786385&uci=eputh54z6806&ifi=1&ifk=3508167448&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=200593471&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a928550576e6dc33ebb06e0f2e807b6bf350b118e0cf39b44eb5301831d00b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1991
x-xss-protection: 0
google-lineitem-id: 2378356
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138237774710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8623 66 KB
25 KB 14ms
14ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 8623 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9B9C 8 KB
5 KB 167ms
166ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1000266181663847&correlator=1233777962194120&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21062415%2C21063817&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F3324476%2F300x250&sz=300x250&eri=6&cookie_enabled=1&bc=23&lmt=1568559390&dt=1568559390741&dlt=1568559390436&idt=298&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=718&ady=1569&adk=3788786385&uci=b3ivjl4bzy1j&ifi=1&ifk=3508167448&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=901257927&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8873006f9510990782c1b977f37fa659415d5377fbe4e1436e1112a1c53e4d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4591
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9B9C 66 KB
25 KB 14ms
14ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 9B9C 0
0

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
platform.twitter.com/widgets/ Frame 0874 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D8) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:56:30 GMT
Etag: "cc41d771a7f9110588318da4d5fb07f9+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41D8)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12528

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
platform.twitter.com/widgets/ Frame 9BB0 0
0 13ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.vi.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:56:30 GMT
Etag: "cc41d771a7f9110588318da4d5fb07f9+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12528

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 2184 0
75 B 18ms
16ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHZf8kMS-eMQMlgDAtRvAkueRlsVFOViXnZD-7k1pDPvQpMVQYaRbxleRrObGzAiUHYCpPuJcFtK074xlOVuGxgLEXISK_uoJQjr943kMwsboBZt_RXNaz0BssXfzb1o2mhVygkghSvTB8JXyn4FMVrhB9oMXlHFyyesW1N25arovEyWUqMqtgWwrEk_2-ausXKt3peBFxHEZwB03pieY1R0t7_hdXd4jEgwuRV5hwua5C3M1r3VkbGmniaKpMqw&sig=Cg0ArKJSzJo2i_erxUsrEAE&urlfix=1&adurl=

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:30 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 11662.js Show response
ads.rubiconproject.com/ad/ Frame 2184 26 KB
8 KB 22ms
7ms Script
text/javascript 23.8.3.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/11662.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.3.174 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-3-174.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3458
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Sun, 15 Sep 2019 15:54:08 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2184 78 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29635
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C373 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame F281 0
0 19ms
6ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Thu, 12 Sep 2019 17:35:26 GMT
expires: Fri, 11 Sep 2020 17:35:26 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 249664
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8623 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame BC22 0
0 10ms
6ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://nhadat.forum.st/t92156-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Thu, 12 Sep 2019 17:35:26 GMT
expires: Fri, 11 Sep 2020 17:35:26 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 249664
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B9C 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:30 GMT

GET
H/1.1 200
OK 151372-2.js Show response
optimized-by.rubiconproject.com/a/11662/36512/ Frame 2184 2 KB
2 KB 40ms
33ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://optimized-by.rubiconproject.com/a/11662/36512/151372-2.js?&cb=0.07274462842077156&tk_st=1&rf=http%3A//nhadat.forum.st/t92156-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36512_2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol: HTTP/1.1
Security: , ,
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f2b029bb11df58f468e87bfce49e1cbf5b56b98c23c40e428915151ef740a25c

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=352
Content-Length: 1077
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 5C31
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:56:31 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A7)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Sun, 15 Sep 2019 14:56:31 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Sun, 15 Sep 2019 14:56:31 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 904214cbcae5ec93a1a6fb330a322666
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 111
x-transaction: 00fa1a28009f862a
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2184 41 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11662/36512/151372-2.js?&cb=0.07274462842077156&tk_st=1&rf=http%3A//nhadat.forum.st/t92156-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36512_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a55cd6ac476adf475714e621d8a8c3eedff93c7fa90698dc80179bd5fae956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "279 / 301 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13176
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:31 GMT

GET
H/1.1 200
OK dd5d4785-a818-4703-ab9a-31737f116aca
beacon-eu2.rubiconproject.com/beacon/d/ Frame 2184 43 B
268 B 13ms
6ms Image
image/webp 69.173.144.155
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://beacon-eu2.rubiconproject.com/beacon/d/dd5d4785-a818-4703-ab9a-31737f116aca?oo=0&accountId=11662&siteId=36512&zoneId=151372&sizeId=2&e=6A1E40E384DA563B85D0C06C3D97C35EA1C8D783D15CD91F906F7CAC089E86647E7BC61F8430A3C813A7F2A81E023B166D748C0D8D7FAA229199858D341E5C8D1FB72C7EDE4C2D0469EB409720C900EFAC237D6FA0EBFC9A6240B348FC26EBCFAF1851064EF393BB15037C36D07AA5E5C7C1CF1F687B0E7183009FDB9DE7981633F8630F2FDB6069
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 pubads_impl_2019090501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2184 159 KB
58 KB 14ms
14ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

1f948056b50b22854611638a2a293c1f4eb05e9b72c29b2e3f41eefabd789788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2019 13:05:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59665
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:31 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 2184 113 B
175 B 18ms
18ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=nhadat.forum.st

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2184 3 KB
2 KB 211ms
211ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4145536438336643&correlator=1176353408534566&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21064552%2C21062832%2C21064268%2C21064527&vrg=2019090501&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190915&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie=ID%3D670f25cace6943b9%3AT%3D1568559390%3AS%3DALNI_MYNH9Jxtv53zdsZq5WHkKm4oOq6rA&cdm=nhadat.forum.st&bc=23&lmt=1568559391&dt=1568559391106&dlt=1568559390899&idt=192&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=322&ady=488&adk=442451065&uci=d1mtiv2hjhvx&ifi=1&ifk=2247955037&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&top=nhadat.forum.st&dssz=10&icsg=90&mso=1&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=811161483.1568559390&ga_sid=1568559390&ga_hid=1016610641&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

63c080bfa7fd5503e4700a7ba23f74d30af05463d441fe4b5605fb8d59c6cf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1744
x-xss-protection: 0
google-lineitem-id: 227269977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 80630180577
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://nhadat.forum.st
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2184 63 KB
24 KB 14ms
14ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4021f17f04d1808610fd53096d9a57e97d86a7d8c94cd86b970640c4f99a70c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2019 13:05:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24375
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:31 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 2184 0
0

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 2184 0
75 B 127ms
27ms Script
text/plain 18.202.51.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36512&di=nhadat.forum.st&ap=&dm=2&pi=151372&ti=dd5d4785-a818-4703-ab9a-31737f116aca&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.202.51.56 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-202-51-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:56:31 GMT
Content-Length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 0958 0
0 21ms
7ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Cookie: khaos=K0L3RG0Z-1X-4U6G; rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKwL/tEgKgkFF9x4mVZDhR1578z/6X/8LU6/0VKHQMF//AbqBkxRgOUD0oqplIsc4qJs=; ses2=36512^1; vis2=36512^1; audit=1|hLZGFuTafB3LqOSmTsbDAu99qzxPzGzou4mkACpDe5DJUnRdDz79OB0BKKXrPws8a5659H+SqPWAF7qA5WC/AGtQLX+YcKga
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7614
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=31200
Expires: Sun, 15 Sep 2019 23:36:31 GMT
Date: Sun, 15 Sep 2019 14:56:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 341 B
1022 B 71ms
40ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: efaec2654cb7852826054079a4e032bbe64ffdc5fe7c54eccc40a369d1b42219

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 341
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2184 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fec6058416e65aa2954aa900e759f1cafa1e7f316e390653a94684b8ed3b5984

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

tag.min.js Show response
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain

http://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

43 KB
14 KB

35ms
23ms

Script
text/javascript

2600:9000:2057:de00:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:2057:de00:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 06 Sep 2019 22:23:21 GMT
Server: AmazonS3
Age: 1498
Date: Sun, 15 Sep 2019 14:31:51 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: yxm8SMo5aCA7NIjA0yGg73pQLoZRPOfHtllPR5Hairxi2PlpuFjDSw==

Redirect headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:31 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

http://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
http://ce.lijit.com/merge?pid=8008&3pid=2c6fa9e2efc8591b38d56b4db2c71cea

0
532 B

30ms
18ms

Image
text/html

72.251.249.13
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ce.lijit.com/merge?pid=8008&3pid=2c6fa9e2efc8591b38d56b4db2c71cea
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: , ,
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:31 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap2ams1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:31 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location: http://ce.lijit.com/merge?pid=8008&3pid=2c6fa9e2efc8591b38d56b4db2c71cea
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 42 B
488 B 40ms
33ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 1e542041fc3a7a8ab0dce3f2853cf988df9e5d091cc2d4b8b0d110686ec3f9a5

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 117 B
564 B 59ms
37ms XHR
text/javascript 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4c033ca9fbe6726bff70f8845f448079a830bc77deebeea7b70e287551dd866c

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:31 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 117
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
599 B 13ms
6ms XHR
application/json 2600:9000:2057:200:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:2057:200:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:19 GMT
Via: 1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront), 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 2831
x-amzn-RequestId: 2e58970f-a8bb-4035-9182-9c3ab91bbf73
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56, FRA6-C1
x-amz-apigw-id: AD_igEdbSK4FeAg=
Content-Length: 23
X-Amz-Cf-Id: qZ51VSvmJGrzrxv2RhbFrViGygfSKmzDHllK2qywMASu42CgdCzW5w==

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 32ms
6ms Script
application/javascript 2600:9000:2057:1800:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: http://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:1800:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0
content-encoding: gzip
last-modified: Thu, 04 Apr 2019 09:35:05 GMT
server: AmazonS3
age: 79
date: Sun, 15 Sep 2019 14:55:12 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: FVy-ftv5ogrXSztq5d113qunkFm5V0AE1LaXwRb4LOes2sqaVrDaug==
via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 32ms
28ms XHR
text/html 99.80.15.126
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: , ,
Server: 99.80.15.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-15-126.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 15 Sep 2019 14:56:30 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://nhadat.forum.st
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 delayed_impression_vu_simple_fetch_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20190911/r20110914/elements/html/impression/ Frame B19C 348 B
341 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190911/r20110914/elements/html/impression/delayed_impression_vu_simple_fetch_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fe737fdb93a94dadb4213dc408516d4ce0a94767c17c16e4acfdf2a3135e3a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 20:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 232
x-xss-protection: 0
server: cafe
etag: 6967780391622126204
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Sep 2019 20:27:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B19C 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29635
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:31 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2184 77 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Sep 2019 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568373336498356"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Sun, 15 Sep 2019 14:56:31 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2184 0
66 B 19ms
19ms Image
image/gif 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=728x90&w=728&h=90

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:56:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame B19C 0
57 B 18ms
18ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4n7W_k-W52ydV0trxhRB67U9WAC0LiUEMF8YnzK1-cdORin0prHG0kJEBT1VZy4fMX0qFYVS5Ygwhpped1Zoqt47ofs3DyMxiZWulNndnJ_Pes9MGtAz7BIlEs2fUq340zv7H-ElU_bY-Z_Rp6MDYDwQu6Zzc-hM5vIJjXGnh9EVl1vcsx94ARAbJl6DhA8pGXoY3diSb-DEb1bWvOeZGBWEpFE3tNXVSlZYzZmHlqhVzHfz2bB-kCnqsuxRYt7wAf-yRiJD4vjVF8737&sig=Cg0ArKJSzG_j2xOPjaK2EAE&urlfix=1&adurl=

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20190911/r20110914/elements/html/impression/delayed_impression_vu_simple_fetch_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Sep 2019 14:56:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame 72A8 0
0 140ms
31ms Document
text/html 34.249.204.108
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=800376867
Requested by: Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.204.108 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-204-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://nhadat.forum.st/t92156-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://nhadat.forum.st/t92156-topic

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 15 Sep 2019 14:56:31 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 279
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame B19C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d5d8c0ef1ca89fdfd3e78053599d3b487091c335dd917006ca5760ab749f4e5

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2184 42 B
115 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9c-OHzoQr0u9lJdRb0OOHJItb16aoEv54wtO7sb-r19r4atyx7-m9x8pEmbBKBq-ok2eDd5YVjExYWpEjruHqS6g8DExlVmNGIlG480U&sig=Cg0ArKJSzDmL1YnW0VomEAE&adk=1505497364&tt=1219&bs=1585%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=0,0,90,728&mcvt=1012&rs=3&ht=0&tfs=211&tls=1223&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=4&niot_cbk=7&md=2&lm=2&rst=1568559390907&rpt=222&isd=0&oseid=2&xdi=0&ps=1585%2C2782&ss=1600%2C1200&pt=5&bin=1&deb=1-1-1-8-13-6-15-12-0-0-0&tvt=1220&is=728%2C90&iframe_loc=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190913

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:56:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B19C 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfaPlcaWyfdFh91o7b_6-PB4djSRjX3XfiSUiQn4XdwTzJX-9TRwsHI0J8xeOzmm-J8Pz4wYFeeyYxWstYzJNCgoU-zeVtgvIQMBLtfc8&sig=Cg0ArKJSzBMRvSUCIg_dEAE&adk=442451065&tt=1116&bs=1585%2C1200&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&p=0,0,90,728&mcvt=1014&rs=3&ht=0&tfs=107&tls=1121&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=5&niot_cbk=11&md=2&lm=2&rst=1568559391336&rpt=148&isd=0&oseid=3&xdi=0&ps=1585%2C2782&ss=1600%2C1200&pt=6&bin=1&deb=1-1-1-9-12-7-15-11-0-0-0&tvt=1117&is=728%2C90&iframe_loc=http%3A%2F%2Fnhadat.forum.st%2Ft92156-topic&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190913

Requested by

Host: nhadat.forum.st
URL: http://nhadat.forum.st/t92156-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Sep 2019 14:56:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
onetag-geo.s-onetag.com/ 23 B
599 B 13ms
8ms XHR
application/json 2600:9000:2057:200:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 2600:9000:2057:200:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: http://nhadat.forum.st/t92156-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 15 Sep 2019 14:09:19 GMT
Via: 1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront), 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 2841
x-amzn-RequestId: 2e58970f-a8bb-4035-9182-9c3ab91bbf73
X-Cache: Hit from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56, FRA6-C1
x-amz-apigw-id: AD_igEdbSK4FeAg=
Content-Length: 23
X-Amz-Cf-Id: GoMtEpe2pgXK1D7gnGUEfC6XgBbd42HvyZNcKIRElQt-hT5-xwed2Q==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=2

Verdicts & Comments Add Verdict or Comment

368 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad-srv.net/	1970-01-19 05:52:15	Name: pwzdy6wsn8n7_uid Value: a3842c3668bf9788
eus.rubiconproject.com/	1970-01-19 05:52:15	Name: pux Value: 1512%3D85071%262249%3D85071%262307%3D85071%262974%3D85071%263778%3D85071%26brx%3D85071%26goog%3D85071%26w55c%3D85071%26
.rubiconproject.com/	1970-01-19 12:28:15	Name: audit Value: 1\|hLZGFuTafB3LqOSmTsbDAu99qzxPzGzou4mkACpDe5DJUnRdDz79OB0BKKXrPws8a5659H+SqPWAF7qA5WC/AGtQLX+YcKga
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKwL/tEgKgkFF9x4mVZDhR1578z/6X/8LU6/0VKHQMF//AbqBkxRgOUD0oqplIsc4qJs=
.rubiconproject.com/	1970-01-19 12:28:15	Name: khaos Value: K0L3RG0Z-1X-4U6G
nhadat.forum.st/	1970-01-19 13:12:53	Name: __atuvc Value: 1%7C38
.forum.st/	1970-01-19 21:13:51	Name: __gads Value: ID=670f25cace6943b9:T=1568559390:S=ALNI_MYNH9Jxtv53zdsZq5WHkKm4oOq6rA
.nhadat.forum.st/	1970-01-19 03:42:39	Name: __utmt Value: 1
.nhadat.forum.st/	1970-01-19 03:42:41	Name: __utmb Value: 258443733.2.10.1568559390
nhadat.forum.st/	1970-01-19 03:42:41	Name: __atuvs Value: 5d7e511e39b527d0000
.forum.st/	1970-01-19 03:42:39	Name: _gat_gtag_UA_144347007_1 Value: 1
.nhadat.forum.st/	1970-01-19 08:05:27	Name: __utmz Value: 258443733.1568559390.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.doubleclick.net/	1970-01-19 13:04:15	Name: IDE Value: AHWqTUm-DxORB6TFPbuXnUXby3RpEYNv3SrPcILBnkuYXFKDPp6DlVvV6dTEu--i
.nhadat.forum.st/	1969-12-31 23:59:59	Name: __utmc Value: 258443733
.nhadat.forum.st/	1970-01-19 21:13:51	Name: __utma Value: 258443733.811161483.1568559390.1568559390.1568559390.1
.rubiconproject.com/	1970-01-19 03:43:33	Name: vis2 Value: 36512^1
.forum.st/	1970-01-19 21:13:51	Name: _ga Value: GA1.2.811161483.1568559390
.rubiconproject.com/	1970-01-19 03:43:33	Name: ses2 Value: 36512^1
.forum.st/	1970-01-19 03:44:05	Name: _gid Value: GA1.2.1535319964.1568559390
.nhadat.forum.st/	1970-01-19 04:04:15	Name: _fa-screen Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://nhadat.forum.st/t92156-topic(Line 20) Message: {"w":1600,"h":1200}
console-api	log	URL: http://nhadat.forum.st/t92156-topic(Line 155) Message: Failed to register service worker.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.viglink.com
b.a2gw.com
b.scorecardresearch.com
beacon-eu2.rubiconproject.com
beacon.s-onetag.com
bidder.criteo.com
cdn.taboola.com
cdn.viglink.com
ce.lijit.com
connect.facebook.net
connect.topicit.net
eus.rubiconproject.com
fonts.googleapis.com
get.s-onetag.com
googleads.g.doubleclick.net
hitsk.in
i.servimg.com
illiweb.com
mudim.googlecode.com
nhadat.forum.st
onetag-geo.s-onetag.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
remitano.com
s.update.rubiconproject.com
s7.addthis.com
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
v1.addthisedge.com
www.bandatnendongnai.vn
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sonsochu.com.vn
tpc.googlesyndication.com
103.74.123.4
104.111.230.142
104.244.42.200
151.101.114.2
178.250.0.165
178.250.2.130
18.202.51.56
2.16.186.80
202.182.98.49
216.58.210.2
23.210.248.44
23.8.3.174
2600:9000:2057:1800:5:9a4c:9b00:93a1
2600:9000:2057:200:5:ae3a:ba00:93a1
2600:9000:2057:de00:1f:287:d20a:ce1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:17fa
2606:4700:30::6812:3807
2606:4700:30::6818:787c
2606:4700:30::681c:e2
2606:4700::6810:a20d
2606:4700:e2::ac40:8a18
2a00:1450:4001:806::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2003
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2008
2a00:1450:400c:c00::52
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.249.204.108
69.173.144.143
69.173.144.155
72.251.249.13
94.23.159.185
99.80.15.126
01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee
0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a
1b41fda21beefc30d61f983ea8764572e82499e3bd7ccf1d25ee0701b3acb79f
1c78642b1b256f276db999a53f10c1c638abc3d01f31aadd48894c18d4bc215f
1d5d8c0ef1ca89fdfd3e78053599d3b487091c335dd917006ca5760ab749f4e5
1e542041fc3a7a8ab0dce3f2853cf988df9e5d091cc2d4b8b0d110686ec3f9a5
1f948056b50b22854611638a2a293c1f4eb05e9b72c29b2e3f41eefabd789788
21fdee7b0b8fe6e50ae8757d088eec9d41f83e2e6b1fafd73dea3deb5452c81e
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b
2a2ac2019375eb1e51e20fdd63a65eb9c94964a8da0633fe76718d6d0c7decff
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
2c8290b8ae9591719ec9f329dd17790a6b7e633ebd941deca3467285b97e3f5d
2d8b76ce721e4684e231dce5ac0c227a4220a2c054c94613924835750824b544
2ea955cabe710b582d2dab5a5659f00c789af91e5a1fb8a1678e5cc69c82f107
341c18f0561ecad04421132132fdd7306fa3134f65aa6e7e4a0a8b78dd929051
3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
4021f17f04d1808610fd53096d9a57e97d86a7d8c94cd86b970640c4f99a70c6
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49634ba201ae609a6a5935ce7c0a3c64b8515f5b8f7fafcf7ba9c0475f7a8a6c
4a25ffd0157934358e43303fb3d068256095cf6bc686fc8b1c72b39fe222e73d
4c033ca9fbe6726bff70f8845f448079a830bc77deebeea7b70e287551dd866c
4c989150dada9ab8cd2b204788e7f30ea067372f849833b9ead2938a096db9eb
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e8a79a702c74305fd3a2a0e10d8fadc1752d72ea159b0a4b25825acf3ef42ad
5ae991940db5f8d052ab0ff33ec4be064db50ed1f3f649a4576af4687bff8d21
5ef7a93fa3f7be107e4de1d65b50da318841b0f08bdeafff4a62277f17e7c6cc
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
622ec32e5d5ea993ed155d0c21ae43799507b27ba243e8bfe7b801a30cf7e6d1
63c080bfa7fd5503e4700a7ba23f74d30af05463d441fe4b5605fb8d59c6cf6a
662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9
673f7fa223246af1701b09c14c845a679f9b048c135fd0bb987e4564932d6f77
6868d74127ba9b30860f736c99cbdc77e7e4979a03d9028e525552b252d52143
6cdfe222dd349c5abe81b9b8c535d16c1c5d6b04950651558ca41d4078e30d00
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3
713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5
732c12aebb5b2bf8f7391cff1a38844f27453dd0b9f91369d7d120d6b1ad4964
794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca
79da493095f8897605de282590eb6f2746fe9a72a0d4c2a499b048565a04ede6
7cab80216e76ca45311b4ab451d8cdf7466633adbdb01feb967e6361ee6998c0
80e452e1f9cc09e9f4afc6ea675ffd329c0c375af071ccd3dde49e9e3f8c3be0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8873006f9510990782c1b977f37fa659415d5377fbe4e1436e1112a1c53e4d07
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aee7e72f173d63fbd15c24521847ab7d25f3a570d1bc132d5be26653bcedd8a
913bbda58746d2834fa514a1960eddd741c0dad41288fdcca43afb0203fde631
a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc
a4b1ec13fc84d5296e1b1332ebff97d5e783238341bfc5adcec2e3d1631d7b09
a525e9410427b0509fe2214292dcf2f342dbaaaafe41a3eb33e3b6a28688f7f1
a928550576e6dc33ebb06e0f2e807b6bf350b118e0cf39b44eb5301831d00b5c
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b0a55cd6ac476adf475714e621d8a8c3eedff93c7fa90698dc80179bd5fae956
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55324a12c6a457bef25d9b69a12e32c82fcc4e4de60f327497a68e79faad754
bbdded36da71b3cd95ebcc0e44adca2e2f6e92cfdf60635d94735a96308f48a2
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
bf39734c6b0b0aa2a63217dc803eaba3d79520d3bdd30c4018ee10a181b2b2fb
c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8
c2ce2107c4196e933dd1cb15b07adb3e8245a9e6b96066562c49033aacd239f0
c662377c5cb31fe72c72e0162b44a2cbf811720aab0a80d8cfc30aac9a1376e8
cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d1bd7d449c312e3f1395dade6040e69514b646a495051dbd87f6cff386239eec
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e004ee77cdd0e83653c2bd53ed833fe6a25d73e2371ece3d081f1c2b16de2478
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c89e05bf4302b8521538f38f4117d88f59e34a3251b9daa330a1ac1bbfe23b
e70a5676138000a3c1c75120e9e961af1a97d62e28a5d02ce512fc54bd7b2380
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ec4fb05ff94d7a46463cf9920e089852f81ad10bdfd03b4f3741c88602ee00b4
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ed46ff2bc02a51fa12d7e3223b20001a4ed8cf5acfcbfc8e9786996745f0adcd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaec2654cb7852826054079a4e032bbe64ffdc5fe7c54eccc40a369d1b42219
f2b029bb11df58f468e87bfce49e1cbf5b56b98c23c40e428915151ef740a25c
fa6c0d77f097497e1a53b31c22f0aac13947e9a7a72a5202806411bebf7c916a
facb3e5741e7c0bdef290f3b75a5b221b30908330d428630e4bea4e1e7555ffa
fcbe0e52986350dd06720959cac45ad3cd91a69a44012bef9027d590f1327d95
fe737fdb93a94dadb4213dc408516d4ce0a94767c17c16e4acfdf2a3135e3a7b
fec6058416e65aa2954aa900e759f1cafa1e7f316e390653a94684b8ed3b5984

nhadat.forum.st Open in urlscan Pro 94.23.159.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

141 Requests

77 %HTTPS

58 %IPv6

33 Domains

48 Subdomains

42 IPs

10 Countries

2037 kBTransfer

4928 kBSize

20 Cookies

10 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nhadat.forum.st Open in urlscan Pro
94.23.159.185 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

77 %
HTTPS

58 %
IPv6

33
Domains

48
Subdomains

42
IPs

10
Countries

2037 kB
Transfer

4928 kB
Size

20
Cookies

141 HTTP transactions
2 data transactions