raovat49.com Open in urlscan Pro
207.244.243.69 Public Scan

URL: https://www.facebook.com/antoanvietquan12/
Title: https://www.facebook.com/antoanvietquan12/

URL: https://www.tumblr.com/antoanvietcom
Title: https://www.tumblr.com/antoanvietcom

URL: https://twitter.com/antoanvietcom
Title: https://twitter.com/antoanvietcom

URL: https://www.pinterest.com/antoanvietcom/
Title: https://www.pinterest.com/antoanvietcom/

URL: https://sites.google.com/view/antoanvietcom/
Title: https://sites.google.com/view/antoanvietcom/

URL: https://www.youtube.com/channel/UClrKaA6mIx_PTIjOCW5VOiA
Title: https://www.youtube.com/channel/UClrKaA6mIx_PTIjOCW5VOiA

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request an-toan-viet-5304457 Show response
raovat49.com/s/ 55 KB
11 KB 2046ms
388ms Document
text/html 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c46836d388fce1d5022bf0b0b3968030c70466c159f5117b8a17a42026fe0e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 11 May 2024 14:38:40 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ASP.NET

GET
H2 200 bootstrap_min.css
raovat49.com/Themes/v1/assets/bootstrap/css/ 118 KB
27 KB 414ms
413ms Stylesheet
text/css 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/bootstrap/css/bootstrap_min.css

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dc0a7aea2a8359b56611fdccd2d893ebed6eae8c69f9cd81a399a020e1a6f2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Sat, 01 Apr 2023 14:36:57 GMT
server: Microsoft-IIS/10.0
etag: "1d964a7691c53d0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 style.css
raovat49.com/Themes/v1/assets/css/ 113 KB
28 KB 382ms
381ms Stylesheet
text/css 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dc87654a6d636a179920315df7487166906d8c111d5abb6ca65b1e1095c25c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Thu, 15 Jun 2023 11:12:24 GMT
server: Microsoft-IIS/10.0
etag: "1d99f7a42d0581a"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
raovat49.com/Themes/v1/assets/js/jquery/ 91 KB
41 KB 228ms
227ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/js/jquery/jquery.min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:14 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff766a41c81"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 394ms
157ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9837065932233532

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbbda284bdc569eea5da7ea6f44ee64b05843ca54a3ba9372618be42a210bc42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Origin: https://raovat49.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52343
x-xss-protection: 0
server: cafe
etag: 11761630969185215424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 11 May 2024 14:38:41 GMT

GET
H2 200 pub-9837065932233532 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 403ms
142ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-9837065932233532?ers=1

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

48538f12a1fa5755be0ef006d8aebf254d387f421d04f6159a6e54fb64def654

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1dhsvjN4meGIAeYRlJ_yFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-1dhsvjN4meGIAeYRlJ_yFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEId19grQLinYsvsB4E4lVHLrBuAuL2zxdYpwPxN_aLrP-AuNzxIms9EAvxcHxs_beRTWDDtAMzmJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEwNLPUMjOMLDAA6E0p0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swg-basic.js Show response
news.google.com/swg/js/v1/ 252 KB
73 KB 371ms
115ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-basic.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c297dd0ce4816acaf52c91d3406e0cc2dd81bf7cbc7d339f9810040e36bba61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74636
x-xss-protection: 0
last-modified: Wed, 08 May 2024 15:50:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 11 May 2024 15:17:35 GMT

GET
H2 200 logo.png
raovat49.com/images/ 6 KB
6 KB 353ms
352ms Image
image/png 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raovat49.com/images/logo.png

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1b3f02ca855972a4d2a283eabef6e9c3ccc133d16fb895eb539a8a2a9c3b49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:24 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff76c9b4ea8"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 5800

GET
H3 200 raovat49.com.1380001.js Show response
jsc.mgid.com/r/a/ 6 KB
3 KB 795ms
656ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/a/raovat49.com.1380001.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a907ad7bb5d2a23621c06f59cb2ec4a8259c268a2d2f0429bd925d06e9cd3ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
x-amz-version-id: BPv4Rk2pT4wiF2WfmTMhy5MffMPukvDN
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VVKFAMAGCJPSC6N3
cf-polished: origSize=6017
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: DaWE7vKNAIb0jYmCz7O5Nd91gbKBe7RP8KL7F7yR8IMin9JLDJpbXtdTMCoZWp8KjjubcZ5LAEU=
cf-bgj: minify
last-modified: Fri, 26 Apr 2024 11:07:18 GMT
server: cloudflare
etag: W/"c63282e71b19d93a79cc260d562e6903"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8822ea050b089290-FRA
expires: Sat, 11 May 2024 17:38:41 GMT

GET
H3 200 raovat49.com.1380009.js Show response
jsc.mgid.com/r/a/ 6 KB
3 KB 764ms
625ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/a/raovat49.com.1380009.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f5ec6e3434a5b2936c488c4e7acd9fef916f517d6395cdb30c657c06e48384

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
x-amz-version-id: JY.W4tpu1ls.fI7WWoUHGlf7lyl8KFyS
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VZZ1GR20GT7WRBYE
cf-polished: origSize=6017
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 80eUXFZsTOvIvtLYzsMI7em2GZeExYwM16L+neC664Ld+i+gc5/MRs3cTV3Xmn/G8iTFdp76t30=
cf-bgj: minify
last-modified: Fri, 26 Apr 2024 11:07:19 GMT
server: cloudflare
etag: W/"22d4d6261e79e4da5e6d325c76d9f33e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8822ea050b0b9290-FRA
expires: Sat, 11 May 2024 17:38:41 GMT

GET
H2 200 noimage.jpg
raovat49.com/img/ 8 KB
8 KB 360ms
360ms Image
image/jpeg 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raovat49.com/img/noimage.jpg

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

be06c1b8199376db1040e89f3f0835df9cd17647a05513b8820e257db4fcb291

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:20 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff76a38df6f"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 8559

GET
H3 200 raovat49.com.1379964.js Show response
jsc.mgid.com/r/a/ 6 KB
3 KB 1563ms
1425ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/a/raovat49.com.1379964.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ddfbe90fed854eca032e96453af0761073bd00c8cf330cece1e6893deea2873

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
x-amz-version-id: v.5MX9bVMyq.i_PpSPFzJ5p.bgnon2zZ
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: VVK1AV9KK18NVDS9
cf-polished: origSize=6017
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Qv/9hTsIPjoKL4wDvzJBDrF+l3RxbJq7rb9GicjDs8DkRJN4GVyrWpDqAJHH+ZXEeLFkhb1HzNQ=
cf-bgj: minify
last-modified: Fri, 26 Apr 2024 11:07:10 GMT
server: cloudflare
etag: W/"64e199fc7ca78bf50a855d2fb1e969c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8822ea050b0c9290-FRA
expires: Sat, 11 May 2024 17:38:42 GMT

GET 1185007
adhitzads.com/ 0
0

GET
H2 200 c2c_ad_image.jpg
raovat49.com/Themes/v1/assets/img/ 12 KB
12 KB 229ms
227ms Image
image/jpeg 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raovat49.com/Themes/v1/assets/img/c2c_ad_image.jpg?w=330

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

275a0ec88d109d6f36bec793bcaae6490a0995e833d1c9c5aed09583b0cb9d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Sat, 22 Aug 2020 07:24:53 GMT
server: Microsoft-IIS/10.0
etag: "1d6785553f32185"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 12549

GET
H2 200 sweetalert2.min.js Show response
raovat49.com/Content/sweetalert2/ 39 KB
16 KB 212ms
212ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Content/sweetalert2/sweetalert2.min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cbfdba94a6787f39b486dc6f729a5bb1281f72c49334e8088b9929dbe52ffb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:12 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff76574d62d"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 sweetalert2.min.css
raovat49.com/Content/sweetalert2/ 29 KB
6 KB 206ms
206ms Stylesheet
text/css 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Content/sweetalert2/sweetalert2.min.css

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c3871ce363f25b8c1a57eed1f9dfd033d3e3617c0729393b275fc9713f0c032c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:12 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff76574380b"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 bootstrap.min.js Show response
raovat49.com/Themes/v1/assets/bootstrap/js/ 36 KB
13 KB 226ms
216ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/bootstrap/js/bootstrap.min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:15 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff7673e9d84"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 12955

GET
H2 200 jquery.matchHeight-min.js Show response
raovat49.com/Themes/v1/assets/js/ 3 KB
1 KB 216ms
206ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/js/jquery.matchHeight-min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

469c03d376ea57e7f5ed6e2dd00c36451d8545e475a49e3ac82185286f149ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:14 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff766a57d1a"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1322

GET
H2 200 hideMaxListItem.js Show response
raovat49.com/Themes/v1/assets/js/ 2 KB
905 B 237ms
227ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/js/hideMaxListItem.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2dd993e7b649718b52837352586cf5c8ed423d5b27bb795038631533e95e4af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:14 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff766a5714c"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 847

GET
H2 200 layer.js Show response
raovat49.com/plugins/layer/ 34 KB
13 KB 220ms
211ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/plugins/layer/layer.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9324ebf02f4919cb6c9c54e216c5594b9ed2bf16abf770b17492d66a7bc36140

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Sat, 27 Aug 2022 06:33:35 GMT
server: Microsoft-IIS/10.0
etag: "1d8b9deeeef41bc"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 13426

GET
H2 200 cffunction.js Show response
raovat49.com/Content/ 24 KB
8 KB 231ms
222ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Content/cffunction.js?v=638510603204608463

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f0a0ca7e30ab6dfb777ab7acd971ef0a1bc89592130a4a80c94af5df97aa4962

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Sun, 18 Sep 2022 14:25:10 GMT
server: Microsoft-IIS/10.0
etag: "1d8cb6a7528f992"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8349

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
96 KB 385ms
134ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XY9GFQ0EKD

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

392b4ecde2dc5e27839035ae7173191d023479610ceb1e2e5cf6efe62b5a656e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 14:38:41 GMT

GET
H3 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
3 KB 140ms
71ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 322678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2090
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=88aEYRJ0s06HawLDmtXFl0j35%2FvugbOnysHPGlWpI%2BDU86gHm1azDCHa%2BsW9nPyCDGa6RO4v2SmkLwXmfIni05JNW9ZifMKjF3hpPUC0Zh3qz76w1agEALXwK57rstFPrH%2FJN7hA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8822ea046cc2e3cf-TLV
expires: Thu, 01 May 2025 14:38:41 GMT

GET
H3 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 4 KB
2 KB 157ms
88ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.plugins.min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 257591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1296
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-113c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FMM7ZeiMgbrf1twDFP5erEbQn4GlxUNxbHlN1n3m7uIU314tZu2rYOKWaFkOeg9E6q66atZAYwZre8EbRf0hbJFYC2n1TiSPk%2FZvOABYFvSkx9iUueSyAB2uInnkhOScm6bRMiF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8822ea046cc4e3cf-TLV
expires: Thu, 01 May 2025 14:38:41 GMT

GET
H2 200 jquery.bxslider.css
raovat49.com/Themes/v1/assets/plugins/bxslider/ 3 KB
1 KB 225ms
217ms Stylesheet
text/css 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/plugins/bxslider/jquery.bxslider.css

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1251477cdf2883026b816ec85a39fb436e0a10e49ddb32e605e43c45c58c8e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:15 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff7673e077c"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 992

GET
H2 200 jquery.bxslider.min.js Show response
raovat49.com/Themes/v1/assets/plugins/bxslider/ 19 KB
6 KB 226ms
219ms Script
application/javascript 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/plugins/bxslider/jquery.bxslider.min.js

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:15 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff7673e461f"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6506

GET
H2 200 fontello.css
raovat49.com/Themes/v1/assets/css/ 21 KB
4 KB 210ms
210ms Stylesheet
text/css 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/css/fontello.css

Requested by

Host: raovat49.com
URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

302cb8f9f9bfca19a556095a13a4f252cb28d681b563dfbe59ddead4f0d81ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:14 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff766a52274"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4231

GET
H2 200 fileinput.min.css
raovat49.com/Themes/v1/assets/css/ 2 KB
1 KB 212ms
212ms Stylesheet
text/css 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/css/fileinput.min.css

Requested by

Host: raovat49.com
URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bf2b6a99a621afb4daa71438c81d20df647021a8856c82d31e97dbbeb3cd8dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:14 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff766a57fcb"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1140

GET
H2 200 noimage.jpg
raovat49.com/img/ 8 KB
0 0ms
0ms Image
image/jpeg 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://raovat49.com/img/noimage.jpg
Requested by: Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi395580.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: be06c1b8199376db1040e89f3f0835df9cd17647a05513b8820e257db4fcb291

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/s/an-toan-viet-5304457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:40 GMT
last-modified: Fri, 11 Dec 2020 19:54:20 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff76a38df6f"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 8559

GET
H2 200 c2c_ad_image.jpg
raovat49.com/Themes/v1/assets/img/ 12 KB
12 KB 217ms
217ms Image
image/jpeg 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raovat49.com/Themes/v1/assets/img/c2c_ad_image.jpg

Requested by

Host: raovat49.com
URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

275a0ec88d109d6f36bec793bcaae6490a0995e833d1c9c5aed09583b0cb9d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Sat, 22 Aug 2020 07:24:53 GMT
server: Microsoft-IIS/10.0
etag: "1d6785553f32185"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 12549

GET
H2 200 camera.svg
raovat49.com/Themes/v1/assets/img/ 2 KB
2 KB 218ms
218ms Image
image/svg+xml 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raovat49.com/Themes/v1/assets/img/camera.svg

Requested by

Host: raovat49.com
URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

61656efe30c04dc51e8913c0a773cecbf30d32975c057abcb2678b3da49149e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 21 Aug 2020 06:14:52 GMT
server: Microsoft-IIS/10.0
etag: "1d67782618b9edc"
x-powered-by: ASP.NET
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2268

GET
H2 200 fontello03a0.woff
raovat49.com/Themes/v1/assets/fonts/fontello/ 58 KB
58 KB 225ms
225ms Font
application/font-woff 207.244.243.69
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://raovat49.com/Themes/v1/assets/fonts/fontello/fontello03a0.woff

Requested by

Host: raovat49.com
URL: https://raovat49.com/Themes/v1/assets/css/fontello.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

53aa8b90b07993a22709e908a884ff9f53976bfd1f32de290d136dadd45c49e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://raovat49.com/Themes/v1/assets/css/fontello.css
Origin: https://raovat49.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 11 May 2024 14:38:41 GMT
last-modified: Fri, 11 Dec 2020 19:54:15 GMT
server: Microsoft-IIS/10.0
etag: "1d6cff7673ee5dc"
x-powered-by: ASP.NET
content-type: application/font-woff
accept-ranges: bytes
content-length: 59484

GET
H2 200 AGSKWxU_TF9FJzt42tsxK1QBRpbuqFPzDBGjDsCI2evbOpol3rrUNncQ5TORThPycr7KtgJaZAsgMtIR8I0Xkw6_uoyolMHiGKrvOwou7zb6w90lJLScvFAp3IhKgnuL6-PzTcjtdFI3_w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 137ms
136ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU_TF9FJzt42tsxK1QBRpbuqFPzDBGjDsCI2evbOpol3rrUNncQ5TORThPycr7KtgJaZAsgMtIR8I0Xkw6_uoyolMHiGKrvOwou7zb6w90lJLScvFAp3IhKgnuL6-PzTcjtdFI3_w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NDM4MzIxLDgwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yYW92YXQ0OS5jb20vcy9hbi10b2FuLXZpZXQtNTMwNDQ1NyIsbnVsbCxbWzgsImFVZG1hSWpEM2pVIl0sWzksIml3Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5076d0fc82f054a6324521aca1dcc14541a0bc668e1dff49bbf3639afa4f38d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Izi0sjOpBhy1N13RQg-zow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Izi0sjOpBhy1N13RQg-zow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEId19grQLinYsvsB4E4lVHLrBuAuL2zxdYpwPxN_aLrP-AWIiH42Prv41sAjcmdSxiVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDWw1DMwji8wAADf8UdE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/ 411 KB
139 KB 408ms
171ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js?bust=31083473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9837065932233532

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

655ce374d22a9521b8b0e15f2d192be8ac2f8c085772e601af42e46a51a5a07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142518
x-xss-protection: 0
server: cafe
etag: 14108128019074508277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 May 2024 14:38:42 GMT

GET
H3 200 raovat49.com.1380009.es6.js Show response
jsc.mgid.com/r/a/ 321 KB
97 KB 1220ms
1099ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/a/raovat49.com.1380009.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/a/raovat49.com.1380009.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

938dd087246bc8795ec6a6cc45121e6ce80bae8b85a46e7e5915f16328e21c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://raovat49.com/
Origin: https://raovat49.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
x-amz-version-id: izMcA.vGKtE6exqb8XbA3.KYyRr6e6Ju
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6F34GP1FKFMG6SNE
cf-polished: origSize=328401
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ec0l452oHqknJTmjpqID3jGko6kiVGXA3J6TJmKH0+QsuY2MmTisiR+1kdLNaZbCFh1wS8Ga/6E=
cf-bgj: minify
last-modified: Fri, 26 Apr 2024 11:07:18 GMT
server: cloudflare
etag: W/"3f02d8229085cd6c8a8392e05b00e47d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8822ea09bed68ec4-FRA
expires: Sat, 11 May 2024 17:38:43 GMT

GET
H3 200 raovat49.com.1380001.es6.js Show response
jsc.mgid.com/r/a/ 322 KB
97 KB 576ms
484ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/a/raovat49.com.1380001.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/a/raovat49.com.1380001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4f7d2a46f2ec951a04acee7c72f5e9bd56548a702bcd87afafa272a2d15ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://raovat49.com/
Origin: https://raovat49.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
x-amz-version-id: srna9Wg1ZbxAzRuJtBQ8Mbvng0UboWCW
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6F35E5YKYFFQ2FD7
cf-polished: origSize=329650
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VfDbdzgSJ5JaF2kfjBIGwrt+GWnpVXpUcPlZGRDMWk6pAJH4GIbxdCnJQv83tLhazf4VnII2Lqw=
cf-bgj: minify
last-modified: Fri, 26 Apr 2024 11:07:17 GMT
server: cloudflare
etag: W/"34455e5f15558f3267df41c62bbb4ec4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8822ea09bed88ec4-FRA
expires: Sat, 11 May 2024 17:38:42 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240508/r20110914/ Frame E355 0
0 360ms
116ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js?bust=31083473

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age: 12921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 11:03:21 GMT
etag: 5035419970550746386
expires: Sat, 25 May 2024 11:03:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3776 0
0 608ms
395ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9837065932233532&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715438322&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fraovat49.com%2Fs%2Fan-toan-viet-5304457&pra=5&wgl=1&easpi=1&aihb=0&asro=0&saifgks=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715438321817&bpp=6&bdt=1255&idt=685&shv=r20240508&mjsv=m202405020101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2455669263800&frm=20&pv=2&ga_vid=2075155037.1715438323&ga_sid=1715438323&ga_hid=1423442708&ga_fc=0&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95329718%2C95329831%2C95331696%2C95331982%2C31083473%2C95330889%2C95331043%2C95331712%2C95332403%2C95332416&oid=2&pvsid=2650062599359414&tmod=1781486174&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=724

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js?bust=31083473

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5983
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 May 2024 14:38:43 GMT
expires: Sat, 11 May 2024 14:38:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 150ms
150ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-site%20navbar-default&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 May 2024 14:38:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 init Show response
fundingchoicesmessages.google.com/f/AGSKWxV8ldRE5fINp6PWrCup8mp0bUW0enK8L5d0WNeas9c-JpyTbrJS3ze6KnB_fhJk98w7kGjiA2-echbGcTCF7X1ACU-wOaMOEAhh9WugnuQXN-oHF5wGn5tvjiM4iWJtTAcgMzja80oiE-0b3ENbtErBng-hm... 54 B
110 B 136ms
135ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV8ldRE5fINp6PWrCup8mp0bUW0enK8L5d0WNeas9c-JpyTbrJS3ze6KnB_fhJk98w7kGjiA2-echbGcTCF7X1ACU-wOaMOEAhh9WugnuQXN-oHF5wGn5tvjiM4iWJtTAcgMzja80oiE-0b3ENbtErBng-hmpbA7w87K52pFpNsYSGkm3NZ4svbRx3t/_&ad_height=/ads300x250px./data/init?site_id=_images/ad_/adslug-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxPg6XI_UYYhKFSc3Cq9Hpx-mcA9A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e81f8a475678a5da8b63bd0e266a79996d95f7683b01591ea333807b3ab2cd34

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qz0KX3MYokypcfrclkqeYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qz0KX3MYokypcfrclkqeYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw15BiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEId19grQLinYsvsB4E4lVHLrBuAuL2zxdYpwPxN_aLrP-AuMzxImsdEAvxcHxq_beRTeDDvEUrmJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDEwNLPUMjOMLDABH0kqy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 119ms
118ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:03:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30705
x-xss-protection: 0
server: cafe
etag: 11611672620318507410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 11 May 2024 15:03:21 GMT

POST
H3 204 AGSKWxXnEGMXTEYo991qJBaEMPxKlWbOHdIu-y8gT5U2_3PGUOuAXi9YTRzlYE35u1a7Old-V6BubjNwtfZOrpHTMn0BEPNLvNG5r0FE_5dvhLBbECGkyzS-hyQ-KhR_6Bd9ydlOW33S9w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 361ms
127ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnEGMXTEYo991qJBaEMPxKlWbOHdIu-y8gT5U2_3PGUOuAXi9YTRzlYE35u1a7Old-V6BubjNwtfZOrpHTMn0BEPNLvNG5r0FE_5dvhLBbECGkyzS-hyQ-KhR_6Bd9ydlOW33S9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kedFYFBFcXzkJlw8SDLzog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kedFYFBFcXzkJlw8SDLzog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1JBicEqfwRoCxEI8HJ9a_21kE5hw-9NUZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYKlnYB5fYAAA3QUjDA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://raovat49.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnEGMXTEYo991qJBaEMPxKlWbOHdIu-y8gT5U2_3PGUOuAXi9YTRzlYE35u1a7Old-V6BubjNwtfZOrpHTMn0BEPNLvNG5r0FE_5dvhLBbECGkyzS-hyQ-KhR_6Bd9ydlOW33S9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S7V5nEDFnIWrLyIp4iAgww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S7V5nEDFnIWrLyIp4iAgww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoCxEI8HJ9a_21kE5jQuX0as5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1sNQzMI8vMAAAtAYifg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://raovat49.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnEGMXTEYo991qJBaEMPxKlWbOHdIu-y8gT5U2_3PGUOuAXi9YTRzlYE35u1a7Old-V6BubjNwtfZOrpHTMn0BEPNLvNG5r0FE_5dvhLBbECGkyzS-hyQ-KhR_6Bd9ydlOW33S9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tw2vlvlRRd7NDIXaPE4f1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-tw2vlvlRRd7NDIXaPE4f1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw05BicEqfwRoCxEI8HJ9a_21kEzjx7cg0ZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYKlnYB5fYAAA6kUjNw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://raovat49.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnEGMXTEYo991qJBaEMPxKlWbOHdIu-y8gT5U2_3PGUOuAXi9YTRzlYE35u1a7Old-V6BubjNwtfZOrpHTMn0BEPNLvNG5r0FE_5dvhLBbECGkyzS-hyQ-KhR_6Bd9ydlOW33S9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-exf7jpzb2bGo3grfMjSwVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-exf7jpzb2bGo3grfMjSwVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1pBicEqfwRoCxEI8HJ9a_21kE5hwZN9sZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYKlnYB5fYAAAzPsi0Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://raovat49.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUi1pTTnKovMemRPSpa47ASanbybZTfqszkaxu88hKzTHDHIfijwtHtIk9g7dpnIS3wspOnr-D4qCNKnqEoNDjfhWStuEjJ9uKIyIUxVhA3RclKViY4FQfu9dacd8yWasot9Avqbw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 142ms
142ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUi1pTTnKovMemRPSpa47ASanbybZTfqszkaxu88hKzTHDHIfijwtHtIk9g7dpnIS3wspOnr-D4qCNKnqEoNDjfhWStuEjJ9uKIyIUxVhA3RclKViY4FQfu9dacd8yWasot9Avqbw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NDM4MzIyLDcwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcmFvdmF0NDkuY29tL3MvYW4tdG9hbi12aWV0LTUzMDQ0NTciLG51bGwsW1s4LCJhVWRtYUlqRDNqVSJdLFs5LCJpdyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95987dfa9375cc402a57e0b147b3dfdc933bca4133b2f84fb19c5639eb03fff5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bDnhAL2WfmcuLjawXkC88w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-bDnhAL2WfmcuLjawXkC88w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0ZBiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmTSAOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAnPTvPGsRCHdfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWKcD8Tf2i6z_gFiIh-NT67-NbAIXzk79zqSkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBqYKlnYBxfYAAAQSZM3g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 raovat49.com.1379964.es6.js Show response
jsc.mgid.com/r/a/ 323 KB
97 KB 1103ms
1102ms Script
text/javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/a/raovat49.com.1379964.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/a/raovat49.com.1379964.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e886ec6d175b6f2a5cdb6c2350b9667013b2082e8d50dff17c46923b266cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://raovat49.com/
Origin: https://raovat49.com
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
x-amz-version-id: 1hm4uvSLnD7vf9e6BHnHEOx4mlz9FPhL
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6F3EAQR16M2QEA96
cf-polished: origSize=331232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kaTmsKnsa52AFt00ziYdCU7KEG9/bKLmEmVk3TtBWE4YwX956N7QEgRel7iARhdBwRblfpKlOWEjkjszeo8tFtkOofg3C/DNDeQp6/3QBvc=
cf-bgj: minify
last-modified: Fri, 26 Apr 2024 11:07:10 GMT
server: cloudflare
etag: W/"fb9ec66a5c426dc202c8954499368530"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 8822ea0dfd678ec4-FRA
expires: Sat, 11 May 2024 17:38:43 GMT

GET
H3 200 AGSKWxXq8l0c5J6nb1ZnTBcjrm2BOt54C4dYlbz5lpW9OtI84_dnbeIolWMkQU9_OSCl7FPlzfN_ITvwoUQ3qeKzljm6qMcJlQ9duKmagP3_-yxltROlqR-bEpCHs22ZF6Ul6gFXi0f6wA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 150ms
148ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXq8l0c5J6nb1ZnTBcjrm2BOt54C4dYlbz5lpW9OtI84_dnbeIolWMkQU9_OSCl7FPlzfN_ITvwoUQ3qeKzljm6qMcJlQ9duKmagP3_-yxltROlqR-bEpCHs22ZF6Ul6gFXi0f6wA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NDM4MzIyLDg2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yYW92YXQ0OS5jb20vcy9hbi10b2FuLXZpZXQtNTMwNDQ1NyIsbnVsbCxbWzgsImFVZG1hSWpEM2pVIl0sWzksIml3Il0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4408bdf95acbffcb8976318da20c9fd6b6029c637d9feb6f55c3e9ff60ad365c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-716tUxs8CBRRznIQtQFmMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-716tUxs8CBRRznIQtQFmMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw05BiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEId19grQLinYsvsB4E4lVHLrBuAuL2zxdYpwPxd_aLrP-BWIiH41Prv41sAhNu7jzCrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGpgqWdgHF9gAADt_UeY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d6c9f39b-d381-4130-826d-e337e8cc6196
https://raovat49.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://raovat49.com/d6c9f39b-d381-4130-826d-e337e8cc6196
Requested by: Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK e631f35c-a373-4e5f-86ce-7adfd3a00dc1
https://raovat49.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://raovat49.com/e631f35c-a373-4e5f-86ce-7adfd3a00dc1
Requested by: Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 206
Partial Content c1a6fb61-f0d4-4f64-ae2e-d1d3d7314c30
https://raovat49.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://raovat49.com/c1a6fb61-f0d4-4f64-ae2e-d1d3d7314c30
Requested by: Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 /
c.mgid.com/pv/ 43 B
188 B 143ms
134ms Image
image/gif 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fraovat49.com%2Fs%2Fan-toan-viet-5304457&cbuster=1715438323009337903786&pvid=18f68178541b0d1020e&implVersion=11&cxurl=https%3A%2F%2Fraovat49.com%2Fs%2Fan-toan-viet-5304457&site=290563&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8822ea0f3ef99290-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H3 204 AGSKWxUnpBfnsgeVyfnKsWbNHe7_Gxl4B41wJbji0trf0rbazCKjiF6-LfxSlDc5Jvc1JDb2DlPhl-Zj0HSKlX2LaDGP7Y3zFuuhD1FTDEOt4-Kq9Gj0qnbrbevCB_eJK0bLKn_plBYGig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 137ms
136ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUnpBfnsgeVyfnKsWbNHe7_Gxl4B41wJbji0trf0rbazCKjiF6-LfxSlDc5Jvc1JDb2DlPhl-Zj0HSKlX2LaDGP7Y3zFuuhD1FTDEOt4-Kq9Gj0qnbrbevCB_eJK0bLKn_plBYGig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iNtKjjutbkEb8Ie8BNJMlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-iNtKjjutbkEb8Ie8BNJMlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxELcHJ9b_21kE1gw64SekktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDWw1DMwjy8wAACbnyJG"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://raovat49.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 403ms
144ms Image
image/png 104.19.128.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: raovat49.com
URL: https://raovat49.com/s/an-toan-viet-5304457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.128.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: W0V21XRQJGCSHTKP
age: 3768
content-length: 2745
x-amz-id-2: IrJdZpDECmgrsz206e5snrbS5bmDOP+9d8GygfujWoFU4VI7G8Yq2YK32hfNo5qdEKcMYCHbYRqA14dJMMcmkNnDa6tXoZmKMmmQ9y43C0U=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8822ea110b4f30d5-FRA
expires: Sat, 11 May 2024 18:38:43 GMT

GET
H3 200 1 Show response
servicer.mgid.com/1380001/ 4 KB
2 KB 171ms
162ms Script
application/x-javascript 104.19.129.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1380001/1?tcfV2=1&w=678&h=240&sz=163x205&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=663f82f3-17610&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fraovat49.com%2Fs%2Fan-toan-viet-5304457&cbuster=1715438323116751729081&pvid=18f68178541b0d1020e&implVersion=11&cxurl=https%3A%2F%2Fraovat49.com%2Fs%2Fan-toan-viet-5304457&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&niet=4g&nisd=false&pv=5&lct=1714089600&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=281c8ff2&tfre=2550

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/a/raovat49.com.1380001.es6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69e3e1a1edcd7a3266a88f745598dbcb953142418f9d544e16bcc5e690f9259

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: he-IL,he;q=0.9;q=0.9
Referer: https://raovat49.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8822ea0fef849290-FRA
alt-svc: h3=":443"; ma=86400

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnEGMXTEYo991qJBaEMPxKlWbOHdIu-y8gT5U2_3PGUOuAXi9YTRzlYE35u1a7Old-V6BubjNwtfZOrpHTMn0BEPNLvNG5r0FE_5dvhLBbECGkyzS-hyQ-KhR_6Bd9ydlOW33S9w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BkgcWKLsAW7BlP3-5LfaJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://raovat49.com/
Accept-Language: he-IL,he;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 May 2024 14:38:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BkgcWKLsAW7BlP3-5LfaJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoCxELcHJ9b_21kE3hw-E6tkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDWw1DMwjy8wAADU-iMR"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://raovat49.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ca-pub-9837065932233532 Show response
fundingchoicesmessages.google.com/i/ 182 KB
60 KB 157ms
156ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9837065932233532?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js?bust=31083473

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS