nhadatgroup.forumvi.com Open in urlscan Pro
94.23.76.111  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1851831191&t=pageview&_s=1&dl=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ul=en-us&de=UTF-8&dt=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%20%C4%90%E1%BB%93ng%20Nai&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1640279182&gjid=1578159011&cid=1656532652.1570960467&tid=UA-144347007-1&_gid=1088339134.1570960467&_r=1&gtm=2oua21&z=86272986 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_gid=1088339134.1570960467&gjid=1578159011&_v=j79&z=86272986 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_v=j79&z=86272986 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_v=j79&z=86272986&slf_rd=1&random=499182100

Request Chain 57

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570960467665&ns_c=UTF-8&cv=3.1&c8=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%20%C4%90%E1%BB%93ng%20Nai&c7=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570960467665&ns_c=UTF-8&cv=3.1&c8=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%20%C4%90%E1%BB%93ng%20Nai&c7=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&c9=

Request Chain 79

• https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 81

• https://ad.zanox.com/tpv/?45749447C1551011213&zpar0=28825200057373900951453011015021&ULP= HTTP 302
• https://banner.congstar.de/cookie/?zxid=45749447C1551011213SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473&zUserID=992431

Request Chain 82

• https://www.awin1.com/cshow.php?s=2329635&v=16160&q=356171&r=296283&pref1=28825200057373900951453011015021&pv=1 HTTP 302
• https://www.zenaps.com/cshow.php?pvr=72060190-ed9f-11e9-b5a3-692d033fc04e&v=16160&r=296283&q=356171&s=2329635&viewref=28825200057373900951453011015021&pv=1

Request Chain 84

• https://www.lduhtrp.net/image-3355671-13729876?SID=28825200057373900951453011015021 HTTP 302
• https://cj.dotomi.com/nc117h48BP/z5A/482/OQUPWVUT/QQSSTUO/N/N/N/N/N?c=xTJE%3D39936311168484A11A62564122126132%3c%3ciuuqt%3A%2F%2Fxxx.meviusq.ofu%3A91%2Fjnbhf-4466782-2483A987%3c%3cH%3ciuuqt%3A%2F%2Foibebuhspvq.gpsvnwj.dpn%2Fu415-upqjd%3c%3c2%3c2%3c1%3c1%3c HTTP 302
• https://www.emjcd.com/nh65g047N/v16/04z/KMQLSRQP/MMOOPQK/J/LJJKJMMJKRNSRQQSJJ:yxkExl9kUHFe/J/J/J?j=ueUP%3DEKKEHECCCHJFJFLCCLHDGHFCDDCDHCED%3c%3ct5514%3A%2F%2F888.xp6t531.zq5%3AKC%2Fuymsq-FFHHIJD-DFJELKJI%3c%3cS%3ct5514%3A%2F%2Fztmpm5s3061.r036y7u.o0y%2F5FCG-501uo%3cmqrrnrHD-rICq-GDCI-Lrom-rLFCIrrprmEJ%3cD%3cD%3cC%3cC%3c HTTP 302
• https://www.yceml.net/0084/13729876-1558620412167

Request Chain 95

• https://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
• https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js

Request Chain 96

• https://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e HTTP 302
• https://ce.lijit.com/merge?pid=8008&3pid=d64f8b61a7b80bed9aceab6f8905c4f4

Request Chain 107

• https://www.awin1.com/cshow.php?s=2457330&v=14265&q=370223&r=296283&pref1=24430100057379100951457011015021&pv=1 HTTP 302
• https://cdn-network.medialead.eu/trck/htlp/htlp.html?campaign_id=14&utm_source=affiliate&publisher_id=14265_296283_1570960470_73587230-ed9f-11e9-9e84-692d05b6e871&ad_type=2457330&ad_number=2457330

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request t304-topic Show response nhadatgroup.forumvi.com/	93 KB 28 KB	316ms 259ms	Document text/html	94.23.76.111 OVH
General Check archive.org Show headers Download Go to Full URL https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.23.76.111 , Portugal, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash f5b1829ce1d6501ba56bf75c2ccc18280e9ba19f52073e02ad10b3927d1fb670 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests X-Content-Type-Options nosniff X-Xss-Protection 0; mode=block Request headers :method GET :authority nhadatgroup.forumvi.com :scheme https :path /t304-topic pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 date Sun, 13 Oct 2019 09:54:27 GMT content-type text/html; charset=utf-8 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" cache-control no-cache pragma no-cache expires Sun, 13 Oct 2019 00:00:00 GMT last-modified Sun, 13 Oct 2019 09:54:27 GMT vary User-Agent set-cookie exadd=157097; expires=Sun, 13-Oct-2019 13:54:27 GMT; Max-Age=14400 content-security-policy upgrade-insecure-requests x-content-type-options nosniff x-xss-protection 0; mode=block access-control-allow-origin * x-cache-ne MISS content-encoding gzip
GET H2	200	0-ltr.css nhadatgroup.forumvi.com/	152 KB 55 KB	144ms 142ms	Stylesheet text/css	94.23.76.111 OVH
General Check archive.org Show headers Download Go to Full URL https://nhadatgroup.forumvi.com/0-ltr.css Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.23.76.111 , Portugal, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 50f4cc5e9450d9957afe7ab56c4692840dc2c840f85e00d6c5ee33bd58c07e0b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 13 Oct 2019 00:00:00 GMT status 200 vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=315360000 x-cache-ne EXPIRED content-length 56281 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 33 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:81a::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 11 Oct 2019 00:09:57 GMT content-encoding gzip x-content-type-options nosniff age 207870 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 33845 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 10 Oct 2020 00:09:57 GMT
GET H2	200	vi.js Show response illiweb.com/rs3/52/frm/lang/	70 KB 16 KB	53ms 16ms	Script application/x-javascript	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/lang/vi.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a4542c5ce6094ffbc5d0f25ce86fa947d99391476498220916fe8823125b27fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 330404 cf-polished origSize=71234 status 200 x-xss-protection 1; mode=block x-cache-ne EXPIRED last-modified Mon, 30 Sep 2019 15:28:01 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * expires Mon, 12 Oct 2020 09:54:27 GMT cache-control public, max-age=31536000 x-cache-pr EXPIRED cf-ray 52506ea87d2cc277-FRA cf-bgj minify
GET H2	200	invision.js Show response illiweb.com/rs3/52/frm/	2 KB 658 B	51ms 15ms	Script application/x-javascript	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/invision.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 337158 status 200 cf-bgj minify x-xss-protection 1; mode=block x-cache-ne MISS last-modified Tue, 27 Aug 2019 14:00:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-cache-pr MISS cf-ray 52506ea87d33c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	86 KB 27 KB	66ms 30ms	Script text/javascript	178.250.0.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 34c0194deac635fd02a300e11745a72d36b67bddefe58e02de53f5ffd2f70381 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip last-modified Thu, 10 Oct 2019 07:51:03 GMT server nginx etag W/"5d9ee2e7-159ee" status 200 content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public timing-allow-origin * expires Mon, 14 Oct 2019 09:54:27 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	70 KB 27 KB	18ms 17ms	Script application/javascript	2a00:1450:4001:814::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-144347007-1 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash 34dc3d11941b51dba0b095569b926c027d2bbacc216d1fb8c07e0aaf745a3ba8 Security Headers Name Value X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br last-modified Sun, 13 Oct 2019 09:00:00 GMT server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27316 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:27 GMT
GET H2	200	jquery.cookie.js Show response illiweb.com/rs3/52/frm/jquery/cookie/	1011 B 885 B	48ms 13ms	Script application/x-javascript	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/jquery/cookie/jquery.cookie.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 337174 status 200 cf-bgj minify x-xss-protection 1; mode=block x-cache-ne MISS last-modified Tue, 27 Aug 2019 14:00:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-cache-pr MISS cf-ray 52506ea87d36c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	FAToolbar.js Show response illiweb.com/rs3/52/frm/jquery/toolbar/	23 KB 5 KB	50ms 15ms	Script application/x-javascript	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/jquery/toolbar/FAToolbar.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 337172 status 200 cf-bgj minify x-xss-protection 1; mode=block x-cache-ne MISS last-modified Tue, 27 Aug 2019 14:00:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-cache-pr MISS cf-ray 52506ea87d39c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	729 B 557 B	19ms 18ms	Script text/javascript	2a00:1450:4001:81c::2004 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software GSE / Resource Hash ac2feca4963ef256b5de3dc7f92cd215fe0c5aeb9b77c9326470fdbb52b66579 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 465 x-xss-protection 1; mode=block expires Sun, 13 Oct 2019 09:54:27 GMT
GET H2	404	logo.png illiweb.com/fa/invision/en/	43 B 108 B	56ms 21ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/en/logo.png Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT server cloudflare age 9 status 404 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 52506ea87d3ac277-FRA content-length 43 x-xss-protection 1; mode=block expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	empty.gif illiweb.com/fa/	42 B 162 B	48ms 13ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/empty.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20337128 status 200 content-length 42 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-2a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea87d3cc277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	icon_mini_search.gif illiweb.com/fa/	238 B 322 B	13ms 13ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/icon_mini_search.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20295972 status 200 content-length 238 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-ee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea8bdf9c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	jquery.marquee.min.js Show response illiweb.com/rs3/52/frm/jquery/marquee/	4 KB 2 KB	11ms 11ms	Script application/x-javascript	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/jquery/marquee/jquery.marquee.min.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 337171 status 200 x-xss-protection 1; mode=block x-cache-ne HIT last-modified Tue, 27 Aug 2019 14:00:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-cache-pr HIT cf-ray 52506ea88d87c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	icon_calendar2.gif illiweb.com/fa/prosilver_grey/	217 B 324 B	11ms 11ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/prosilver_grey/icon_calendar2.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2cbe6ddbabf28f61101c413c1956a045966b327fc9762d4379d6ad927baeceff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 21433813 status 200 content-length 217 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 11:00:39 GMT server cloudflare etag "5739a857-d9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea8ce3dc277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	responsiveslides.css illiweb.com/rs3/52/frm/slideshow/	1 KB 486 B	13ms 13ms	Stylesheet text/css	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/slideshow/responsiveslides.css Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b17189403aaded3404f4c0d4c31a83f6906fecdbd5f678cb9c60432526f7a76b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 337141 cf-polished origSize=1149 status 200 x-xss-protection 1; mode=block x-cache-ne HIT last-modified Tue, 27 Aug 2019 14:00:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 access-control-allow-origin * expires Mon, 12 Oct 2020 09:54:27 GMT cache-control public, max-age=31536000 x-cache-pr HIT cf-ray 52506ea89db1c277-FRA cf-bgj minify
GET H2	200	responsiveslides.min.js Show response illiweb.com/rs3/52/frm/slideshow/	3 KB 1 KB	11ms 11ms	Script application/x-javascript	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://illiweb.com/rs3/52/frm/slideshow/responsiveslides.min.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dcd266ce2192e453df328f2a44e80ae67266ca84d4ac46c7876f270297ab6726 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 337141 status 200 x-xss-protection 1; mode=block x-cache-ne EXPIRED last-modified Tue, 27 Aug 2019 14:00:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-cache-pr EXPIRED cf-ray 52506ea89dbfc277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	bar_left.gif illiweb.com/fa/invision/	159 B 244 B	13ms 13ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/bar_left.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3e333b0e687955c2137249d6d89f948a372a5f17514cc747e5be8cb158f8764d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 21198557 status 200 content-length 159 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-9f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea8de92c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	bar.gif illiweb.com/fa/invision/	50 B 134 B	10ms 10ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/bar.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4fd648e423ad2aeb039e98d4d1a69a268af8a6af2a84503e4a7e77409a2e8360 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20229803 status 200 content-length 50 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-32" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea8eee6c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	bar_right.gif illiweb.com/fa/invision/	168 B 255 B	11ms 11ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/bar_right.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 253956a93598ad8b1cb4d2b6ceeb36625844057ca092d91a10af157b6cc31092 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20846763 status 200 content-length 168 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea8ff10c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	user-online.png illiweb.com/fa/invision/	609 B 729 B	11ms 11ms	Image image/png	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/user-online.png Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3ca2f4b131f99a80fd158f2782bb8974383f06f1e32f64d23c0e7a39598dda50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 19020211 status 200 content-length 609 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 10:59:28 GMT server cloudflare etag "5739a810-261" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea90f3ac277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	pp-blank-thumb.png illiweb.com/fa/invision/	9 KB 10 KB	12ms 12ms	Image image/png	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/pp-blank-thumb.png Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 96ecd9f62a332fa2e57b75b308c1a6756d3e549c4d4dcdd0761af12431df59db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20187422 status 200 content-length 9554 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 10:59:31 GMT server cloudflare etag "5739a813-2552" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea90f58c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	icon_contact_www.gif illiweb.com/fa/prosilver_grey/	347 B 589 B	11ms 11ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/prosilver_grey/icon_contact_www.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash cb9d367d0adc97de9866d5b253c607b4498c5a7388af27209b33323e40683464 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20587501 status 200 content-length 347 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-15b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea91f78c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	Nghi%20thuc%20cat%20bang%20khanh%20thanh%20Le%20khai%20truong%20Trung%20tam%20BDS%20Novaland%20tai%20du%20an%20Aqua%20CIty%2C%20Dong%20Nai.JPG media1-reatimes.cdn.vccloud.vn/upload/RNyNCf85pvmMArDPs0HPdw/files/2019/10/1210/	113 KB 114 KB	996ms 195ms	Image image/webp	42.112.37.34 FPT-AS-AP The Cor...
General Check archive.org Show headers Download Go to Show image Full URL https://media1-reatimes.cdn.vccloud.vn/upload/RNyNCf85pvmMArDPs0HPdw/files/2019/10/1210/Nghi%20thuc%20cat%20bang%20khanh%20thanh%20Le%20khai%20truong%20Trung%20tam%20BDS%20Novaland%20tai%20du%20an%20Aqua%20CIty%2C%20Dong%20Nai.JPG Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 42.112.37.34 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN), Reverse DNS Software VCCloud CDN / 153 / Resource Hash ad9cadd541ad89eb0e5abd38a41b9ff3fdae0ed00f44449c3e7d47a9b0d3c566 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:28 GMT x-content-type-options nosniff x-original-content-length 328332 x-cache HIT from VCCloud CDN status 200 vary User-Agent,Save-Data content-length 115904 x-xss-protection 1; mode=block server VCCloud CDN / 153 etag W/"PSA-aj-ZEqOrOddOO" strict-transport-security max-age=31536000; includeSubdomains; preload access-control-allow-methods GET, HEAD, POST, OPTIONS content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
GET H2	200	p_up_en.gif illiweb.com/fa/invision/	570 B 691 B	14ms 14ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/p_up_en.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4b8cb40b4e9d6238f7a15669c8a73e456a63a29d9385a9d4b82f3aff1e202bcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20587407 status 200 content-length 570 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-23a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea92fc0c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	349 KB 113 KB	32ms 18ms	Script application/javascript	2.21.36.164 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-21-36-164.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Thu, 10 Oct 2019 17:01:35 GMT server nginx/1.15.8 etag "5d9f63ef-573ea" vary Accept-Encoding x-distribution 99 content-type application/javascript status 200 cache-control public, max-age=600 date Sun, 13 Oct 2019 09:54:27 GMT x-host s7.addthis.com content-length 114882
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:80b::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 19 Aug 2019 17:22:41 GMT server Golfe2 age 17 date Sun, 13 Oct 2019 09:54:10 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 17803 expires Sun, 13 Oct 2019 11:54:10 GMT
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/forforumotion-vi/	64 KB 18 KB	119ms 100ms	Script application/javascript	151.101.14.2 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/forforumotion-vi/loader.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash de251ce8ca8abb44683937b13297c680e9e7ea49497a678407ce18499bdca70a Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id OwZFaBpSUsJE8zuh4DX0MeeqMh9x4AzV content-encoding gzip etag "db31fb21b135a06c70eb670f9f016eec" age 0 x-cache HIT status 200 content-length 17611 x-amz-id-2 4XwzOONOWvV7G5EZe79O1KgJvuUbq65dMVOWqBoeUI2FtWnsTixB7DIx4r9tyMIjMRwSlZOWgTI= x-served-by cache-fra19120-FRA last-modified Wed, 02 Oct 2019 12:33:20 GMT server AmazonS3 x-timer S1570960467.457730,VS0,VE93 date Sun, 13 Oct 2019 09:54:27 GMT vary Accept-Encoding x-amz-request-id E852DA95A9D7D739 via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 23 x-cache-hits 1
POST H2	204	cdb Show response bidder.criteo.com/	0 153 B	53ms 17ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=74&profileId=206&cb=51708529355 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers status 204 date Sun, 13 Oct 2019 09:54:27 GMT access-control-allow-credentials true server Finatra access-control-allow-origin https://nhadatgroup.forumvi.com timing-allow-origin * vary Origin
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/	253 KB 90 KB	5ms 5ms	Script text/javascript	2a00:1450:4001:824::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 09 Oct 2019 09:53:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 07 Oct 2019 21:23:03 GMT server sffe age 345660 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 92207 x-xss-protection 0 expires Thu, 08 Oct 2020 09:53:27 GMT
GET H2	200	72_1_200.jpg redcdn.net/adphoto/10/14/34/	11 KB 12 KB	206ms 140ms	Image image/jpeg	2606:4700:30::681c:1669 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://redcdn.net/adphoto/10/14/34/72_1_200.jpg Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:1669 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 84018ebe496e3a6b3c7a51009bff6a6ae4f1ae41fc906fdccbf707a9bc5c956c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status MISS status 200 content-length 11360 x-xss-protection 1; mode=block last-modified Wed, 18 Jul 2018 11:56:27 GMT server cloudflare etag "5b4f2aeb-2c60" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=315360000 accept-ranges bytes cf-ray 52506eaa1f235a12-VIE expires Wed, 10 Oct 2029 09:54:27 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1851831191&t=pageview&_s=1&dl=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ul=en-us&de=UTF-8&dt=Novaland%20khai%20tr%C6%B0%C6%A1ng%20tr... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_gid=1088339134.1570960467&gjid=1578159011&_v=j79&z=86272986 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_v=j79&z=86272986 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_v=j79&z=86272986&slf_rd=1&random=499182100	42 B 109 B	29ms 29ms	Image image/gif	2a00:1450:4001:819::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_v=j79&z=86272986&slf_rd=1&random=499182100 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144347007-1&cid=1656532652.1570960467&jid=1640279182&_v=j79&z=86272986&slf_rd=1&random=499182100 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.gif static.criteo.net/images/	43 B 260 B	15ms 15ms	Image image/gif	178.250.0.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=1 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx etag "493ea254-2b" status 200 content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public accept-ranges bytes timing-allow-origin * content-length 43 expires Wed, 07 Oct 2020 09:54:27 GMT
GET H2	200	pixel.gif static.criteo.net/images/	43 B 260 B	16ms 15ms	Image image/gif	178.250.0.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=2 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx etag "493ea254-2b" status 200 content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public accept-ranges bytes timing-allow-origin * content-length 43 expires Wed, 07 Oct 2020 09:54:27 GMT
GET H2	200	nav.gif illiweb.com/fa/invision/	158 B 242 B	10ms 9ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/nav.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/0-ltr.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 2906630 status 200 content-length 158 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-9e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea9d9f0c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	breadcrumb-arrow.gif illiweb.com/fa/invision/	81 B 165 B	13ms 11ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/breadcrumb-arrow.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 68e6860418db02970d06063f13acba5a706d75d397c8c6415e8f4aefd0f93cec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/0-ltr.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20287997 status 200 content-length 81 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-51" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea9d9f1c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	menu_action_down.gif illiweb.com/fa/invision/	100 B 184 B	12ms 10ms	Image image/gif	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/invision/menu_action_down.gif Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ecdf0f1659c4a9bda33367bcd3117a5809054113fd53cef3ba937f012191cad2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/0-ltr.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 21433849 status 200 content-length 100 x-xss-protection 1; mode=block last-modified Sat, 01 Jan 2005 00:00:00 GMT server cloudflare etag "41d5e800-64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea9d9f3c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	sprite_icons.png illiweb.com/fa/	1 KB 2 KB	12ms 11ms	Image image/png	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/sprite_icons.png Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/0-ltr.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 7714596 status 200 content-length 1459 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 11:01:49 GMT server cloudflare etag "5739a89d-5b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506ea9d9f4c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H/1.1	200 OK	11662.js Show response ads.rubiconproject.com/ad/ Frame 6C1E	26 KB 8 KB	25ms 8ms	Script text/javascript	23.8.3.174 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.rubiconproject.com/ad/11662.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.8.3.174 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-8-3-174.deploy.static.akamaitechnologies.com Software Apache / PHP/5.3.3 Resource Hash d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=1316 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 7558 Expires Sun, 13 Oct 2019 10:16:23 GMT
GET H/1.1	200 OK	11662.js Show response ads.rubiconproject.com/ad/ Frame 334C	26 KB 8 KB	8ms 8ms	Script text/javascript	23.8.3.174 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.rubiconproject.com/ad/11662.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.8.3.174 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-8-3-174.deploy.static.akamaitechnologies.com Software Apache / PHP/5.3.3 Resource Hash d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=14292 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 7558 Expires Sun, 13 Oct 2019 13:52:39 GMT
GET H/1.1	200 OK	11662.js Show response ads.rubiconproject.com/ad/ Frame 10CB	26 KB 8 KB	12ms 8ms	Script text/javascript	23.8.3.174 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.rubiconproject.com/ad/11662.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.8.3.174 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-8-3-174.deploy.static.akamaitechnologies.com Software Apache / PHP/5.3.3 Resource Hash d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=14292 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 7558 Expires Sun, 13 Oct 2019 13:52:39 GMT
GET H2	200	vglnk.js Show response cdn.viglink.com/api/	78 KB 28 KB	58ms 24ms	Script text/javascript	2606:4700::6810:a20d Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.viglink.com/api/vglnk.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b1e3d2c14e73d02c96b42ade56dfbb0535e4cf0537161c2b5bce2e149a09384b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip cf-cache-status HIT age 2299136 cf-ray 52506eaa7d2e8c62-VIE status 200 content-length 27719 x-amz-id-2 HNEV4caKoOdziBrXGZIDp4CzG6boiBMb4TLu65nU6otYm4+p2OQwr1vWix1CX0FBodMy916W6w4= last-modified Mon, 16 Sep 2019 19:15:01 GMT server cloudflare etag "1545d811432c0074356408ee8f6c1e23" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id FB54A2C70C0BB866 cache-control public, max-age=1800 accept-ranges bytes content-type text/javascript expires Sun, 13 Oct 2019 10:24:27 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 882 B	31ms 16ms	Font text/css	2a00:1450:4001:817::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic Origin https://nhadatgroup.forumvi.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sun, 13 Oct 2019 09:54:27 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Sun, 13 Oct 2019 09:54:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:27 GMT
GET H/1.1	200 OK	apu.php Show response deloplen.com/	2 KB 2 KB	62ms 17ms	XHR application/json	88.85.66.195 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/apu.php?zoneid=2827263&oo=1 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 88.85.66.195 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash c19e69b87794eff2c5b11efef37210ec57f04746eeb1ec63a929eb3e1f6e0a09 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive X-Trace-Id 315f1faefc72c2ef2e5536c2d9948b58 Pragma no-cache Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json Access-Control-Allow-Origin * Access-Control-Expose-Headers Authorization Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	tag.min.js Show response deloplen.com/	65 KB 23 KB	72ms 26ms	Script application/javascript	88.85.66.195 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/tag.min.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 88.85.66.195 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash ac1962338639e1fdf0c1babb466cabda3aef1e1c1b736ba4b54c17dafd98da4e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Content-Length 22928 X-Trace-Id 679f3c477fc17c9f2c896399f1cdac89 Pragma no-cache Last-Modified Fri, 11 Oct 2019 13:31:57 GMT Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/javascript Access-Control-Allow-Origin Cache-Control max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	ntfc.php Show response pushmono.com/	14 KB 6 KB	93ms 14ms	Script application/javascript	206.54.165.248 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/ntfc.php?p=2308013 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 206.54.165.248 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash a494bc9bb1d9d5fc19352fbbaf9fc2b2acfe368d8a3298bf1868bb7435f43f93 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Last-Modified Wed, 09 Oct 2019 13:40:08 GMT Server nginx ETag W/"5d9de338-38ec" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	toolbar.png illiweb.com/fa/i/toolbar/	11 KB 11 KB	13ms 13ms	Image image/png	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/i/toolbar/toolbar.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/0-ltr.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20588325 status 200 content-length 11066 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 08:34:44 GMT server cloudflare etag "57398624-2b3a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506eaa8c08c277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	pa0.png illiweb.com/fa/i/toolbar/	1 KB 1 KB	11ms 11ms	Image image/png	2606:4700:e2::ac40:8a18 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://illiweb.com/fa/i/toolbar/pa0.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8a18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/0-ltr.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT x-content-type-options nosniff cf-cache-status HIT age 20306701 status 200 content-length 1087 x-xss-protection 1; mode=block last-modified Mon, 16 May 2016 08:34:43 GMT server cloudflare etag "57398623-43f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 52506eaa8c0ac277-FRA expires Mon, 12 Oct 2020 09:54:27 GMT
GET H2	200	connect.js Show response connect.topicit.net/scripts/	3 KB 2 KB	90ms 24ms	Script application/javascript	2606:4700:30::6812:3fe8 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://connect.topicit.net/scripts/connect.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:3fe8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1399 cf-polished origSize=5437 status 200 last-modified Tue, 27 Aug 2019 14:04:48 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-xss-protection 1; mode=block cf-bgj minify server cloudflare etag W/"5d653880-153d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 cf-ray 52506eaaf82b595e-VIE expires Mon, 14 Oct 2019 09:54:27 GMT
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/forumotion/	166 B 373 B	27ms 27ms	Script application/javascript	2.21.36.164 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/forumotion/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-21-36-164.deploy.static.akamaitechnologies.com Software Jetty(9.4.8.v20180619) / Resource Hash 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT surrogate-key forumotion server Jetty(9.4.8.v20180619) etag 659743217 cache-tag forumotion status 200 cache-control public, max-age=27, s-maxage=86400 content-disposition attachment; filename=1.txt content-type application/javascript;charset=utf-8 content-length 166
GET H/1.1	200 OK	151376-2.js Show response optimized-by.rubiconproject.com/a/11662/36514/ Frame 6C1E	4 KB 3 KB	118ms 81ms	Script text/javascript	69.173.144.140 The Rubicon Project
General Check archive.org Show headers Download Go to Full URL https://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.7207090870636939&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2&rp_secure=1 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/ad/11662.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software RAS 2.4 / Resource Hash 180cab03f3f41b61e49063e3e602a1869c080a75f39ebf30d0a0f7364ae7e3a8 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection Keep-Alive Content-Type text/javascript Keep-Alive timeout=5, max=76 Content-Length 2160 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	151378-15.js Show response optimized-by.rubiconproject.com/a/11662/36514/ Frame 334C	2 KB 2 KB	79ms 52ms	Script text/javascript	69.173.144.140 The Rubicon Project
General Check archive.org Show headers Download Go to Full URL https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.05119983362549463&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/ad/11662.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software RAS 2.4 / Resource Hash 6d8fe5cffcc8b1108ef949775ec76280801087523c57244566281297cd663e36 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection Keep-Alive Content-Type text/javascript Keep-Alive timeout=5, max=347 Content-Length 932 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	151378-15.js Show response optimized-by.rubiconproject.com/a/11662/36514/ Frame 10CB	3 KB 3 KB	154ms 124ms	Script text/javascript	69.173.144.140 The Rubicon Project
General Check archive.org Show headers Download Go to Full URL https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.8151669713955014&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1 Requested by Host: ads.rubiconproject.com URL: https://ads.rubiconproject.com/ad/11662.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software RAS 2.4 / Resource Hash b929cfd8669d21ad03a43a41a7889932d5a03283f13a16162818fff2a78545e0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection Keep-Alive Content-Type text/javascript Keep-Alive timeout=5, max=434 Content-Length 1926 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	impl.20191002-10-RELEASE.js Show response cdn.taboola.com/libtrc/	394 KB 112 KB	9ms 8ms	Script application/javascript	151.101.14.2 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20191002-10-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/forforumotion-vi/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 0cae80c9382e2b3e8045ba09797fd66d1a65a936d70af2eed09897be81ea436e Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id MWFHdpWI_mQOMXUM8TI1gLlg0gl1K5pN content-encoding gzip etag "c863c8ea08069847bb5c761bac45dda6" age 11 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 113914 x-amz-id-2 i8xSEXl3lQK2NjFG/Brn+z0xma8NjL8FplV4Af6bErUYSt2J0fxHQWqzwNN6i1RtifadwaJLw/I= x-served-by cache-fra19120-FRA last-modified Wed, 02 Oct 2019 22:32:20 GMT server AmazonS3 x-timer S1570960468.649036,VS0,VE0 date Sun, 13 Oct 2019 09:54:27 GMT vary Accept-Encoding x-amz-request-id 53D89C2CE8799238 via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 44 x-cache-hits 34
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	18ms 18ms	Script application/x-javascript	23.43.115.95 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/forforumotion-vi/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-43-115-95.deploy.static.akamaitechnologies.com Software / Resource Hash d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 901 Expires Mon, 14 Oct 2019 09:54:27 GMT
GET H2	200	pixel.gif cdn.viglink.com/images/	43 B 103 B	25ms 25ms	Image image/gif	2606:4700::6810:a20d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.viglink.com/images/pixel.gif?ch=1&rn=6.082314235050307 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT cf-cache-status HIT age 14 cf-ray 52506eaaed8c8c62-VIE status 200 content-length 43 x-amz-id-2 1mZ+cxwNG2syWohCFYvUscOgm4ABp6ZJYPPWOCCIpQflvsVnwWQdkXtJzi6TPlQTEBsCyHcJleQ= last-modified Tue, 10 Feb 2015 03:29:39 GMT server cloudflare etag "221d8352905f2c38b3cb2bd191d630b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 398DB255F765F8AE cache-control max-age=15, must-revalidate accept-ranges bytes content-type image/gif
GET H2	200	pixel.gif cdn.viglink.com/images/	43 B 266 B	25ms 25ms	Image image/gif	2606:4700::6810:a20d Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.viglink.com/images/pixel.gif?ch=2&rn=6.082314235050307 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT cf-cache-status HIT age 14 cf-ray 52506eaaed8d8c62-VIE status 200 content-length 43 x-amz-id-2 1mZ+cxwNG2syWohCFYvUscOgm4ABp6ZJYPPWOCCIpQflvsVnwWQdkXtJzi6TPlQTEBsCyHcJleQ= last-modified Tue, 10 Feb 2015 03:29:39 GMT server cloudflare etag "221d8352905f2c38b3cb2bd191d630b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 398DB255F765F8AE cache-control max-age=15, must-revalidate accept-ranges bytes content-type image/gif
GET H2	200	client.vi.min.json Show response s7.addthis.com/l10n/	4 KB 2 KB	21ms 10ms	XHR application/json	2.21.36.164 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/l10n/client.vi.min.json Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-21-36-164.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 177956c92b2e1a8845baa7dd3f06d8ae1f1b5181563566710e6eef565888028a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Tue, 20 Aug 2019 19:33:54 GMT server nginx/1.15.8 status 200 etag W/"5d5c4b22-e76" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, s-maxage=604800 date Sun, 13 Oct 2019 09:54:27 GMT x-host s7.addthis.com timing-allow-origin * content-length 1664
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570960467665&ns_c=UTF-8&cv=3.1&c8=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%2... https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570960467665&ns_c=UTF-8&cv=3.1&c8=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%...	0 248 B	8ms 8ms	Image text/plain	23.43.115.95 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570960467665&ns_c=UTF-8&cv=3.1&c8=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%20%C4%90%E1%BB%93ng%20Nai&c7=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&c9= Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-43-115-95.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1570960467665&ns_c=UTF-8&cv=3.1&c8=Novaland%20khai%20tr%C6%B0%C6%A1ng%20trung%20t%C3%A2m%20b%E1%BA%A5t%20%C4%91%E1%BB%99ng%20s%E1%BA%A3n%20%C4%90%E1%BB%93ng%20Nai&c7=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&c9= Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	fac.php deloplen.com/ Frame 920B	0 0	14ms 14ms	Document text/html	88.85.66.195 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/fac.php Requested by Host: deloplen.com URL: https://deloplen.com/tag.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 88.85.66.195 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Host deloplen.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Server nginx Date Sun, 13 Oct 2019 09:54:27 GMT Content-Type text/html; charset=utf8 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Pragma no-cache Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires Tue, 11 Jan 1994 10:00:00 GMT X-Trace-Id 74cf3a924ce5880c018eeea83913daf0 Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Timing-Allow-Origin *
GET H2	200	fingerprint2.min.js Show response cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/	29 KB 11 KB	7ms 7ms	Script application/javascript	2a04:4e42:1b::621 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js Requested by Host: deloplen.com URL: https://deloplen.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-cache HIT, HIT status 200 content-length 10721 etag W/"73a6-07rMMn60HlMYw5/xZY35iYfesNs" x-served-by cache-ams21036-AMS, cache-hhn4066-HHN date Sun, 13 Oct 2019 09:54:27 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	zone Show response pushmono.com/	674 B 1 KB	16ms 15ms	Fetch application/json	206.54.165.248 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/zone?pub=0&zone_id=2308013&is_mobile=false&domain=nhadatgroup.forumvi.com&var=&ymid= Requested by Host: pushmono.com URL: https://pushmono.com/ntfc.php?p=2308013 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 206.54.165.248 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash a04dc887f8771a8a47f1b7298765a4ad9765c311facfb5aa413640517a0121b8 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Trace-Id bc0b7544ded27bb32c5d2c944b1c6207 Date Sun, 13 Oct 2019 09:54:27 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 674
GET H/1.1	200 OK	universal.min.js Show response pushmono.com/pfe/current/	115 KB 35 KB	66ms 28ms	Fetch application/javascript	206.54.165.248 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/pfe/current/universal.min.js?v=3.1.127 Requested by Host: pushmono.com URL: https://pushmono.com/ntfc.php?p=2308013 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 206.54.165.248 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 77edbbe07beb7a6d9ac5ed94737382d71fc3140abb4c83f011fea6d776b6debc Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Last-Modified Wed, 09 Oct 2019 13:40:08 GMT Server nginx ETag W/"5d9de338-1cafd" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 334C	44 KB 14 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:806::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: optimized-by.rubiconproject.com URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.05119983362549463&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash ef95ce2969cec0d47b6ace1c44eeea2a69a1da135aba966c3e83621b5cf15c8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "305 / 857 of 1000 / last-modified: 1570730339" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14512 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:27 GMT
GET H/1.1	200 OK	72b7ad3f-27fb-4e52-9679-1eedd06729ba beacon-eu2.rubiconproject.com/beacon/d/ Frame 334C	43 B 268 B	47ms 17ms	Image image/webp	69.173.144.152 The Rubicon Project
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-eu2.rubiconproject.com/beacon/d/72b7ad3f-27fb-4e52-9679-1eedd06729ba?oo=0&accountId=11662&siteId=36514&zoneId=151378&sizeId=15&e=6A1E40E384DA563BE04431EA2B3C9CF4A60EA04956D3EDF1AE7F3DD40B63FCA4B0D058611C3E0317D55D6394E7114068172DB22D3B21A9B54CE80EC6842220402C48BF33326D55368B765CD22D582F4FAC237D6FA0EBFC9A6240B348FC26EBCF273E89EF556FDA82E55469B52D43C056A5E0A430587CF9DF83009FDB9DE7981633F8630F2FDB6069 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software Rubicon Project / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Cache-Control private, max-age=0, no-cache Server Rubicon Project Content-Type image/webp Content-Length 43 Expires 01 Jan 1970 10:00:00 GMT
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame 6C1E	2 KB 2 KB	108ms 26ms	Script application/x-javascript	185.29.133.223 MediaMath Inc
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWVRZd1pqQTFaakF0TURNeE1TMHdNMlJtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3NDk1ODc1Nzk1MDEzOTQyNTkvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sWVpNYzBYWWFoX214S2YxT3RxWlZxWS8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zNzQ5NTg3NTc5NTAxMzk0MjU5L3pyaC8wLzQ2OS80OS85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzA5NjA0Njcv/3y0HyUtj9vw1SvgRyTY9Oxtxw4E&nodeid=720&auctionid=3749587579501394259&exch=ruc&sid=4562355&cid=6622478&price=5B54C3091C36AE39&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F Requested by Host: optimized-by.rubiconproject.com URL: https://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.7207090870636939&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2&rp_secure=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.156.1 / Resource Hash 08ef0e298a604863b6d4d317f8b60ca2551c26b95b374825b09089e70797698c Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip x-mm-bid-request-time 1570960467 Last-Modified Sun, 13 Oct 2019 09:54:27 GMT Server MMBD/3.156.1 x-mm-latency 2 (0) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg count Cache-Control no-cache x-mm-host zrh-router-x41, zrh-bidder-x73 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Sun, 13 Oct 2019 09:54:26 GMT
GET H/1.1	200 OK	584ced0c-4df6-486a-b9cd-b3e23cd14dae beacon-eu2.rubiconproject.com/beacon/d/ Frame 6C1E	43 B 268 B	51ms 18ms	Image image/webp	69.173.144.152 The Rubicon Project
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-eu2.rubiconproject.com/beacon/d/584ced0c-4df6-486a-b9cd-b3e23cd14dae?oo=0&accountId=11662&siteId=36514&zoneId=151376&sizeId=2&e=6A1E40E384DA563B134C4E01B58C7E0E7E66EB82C4F35D56E07EFFA7173E9CA6AB9916EC7CBE027C3605C53EE261F2D8172DB22D3B21A9B5FAD4DB66791D32A42C48BF33326D553620384A4CE700BB9BE581C7278562D885FD99DAC33F078020E95362172CF2D9E6105B6FD3C1154DAAE560235C16D28456EB99E3B68779AEDE4CC436C1E7E62D6E7FFBD390CCCF1A14D8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B87CD9402BEA942F0B6D764D6E758DE676E6DF793CA9C15E11736D4E70FE24B7C5AD8EFC9095A1DF1FB4620ACDF9CB6A8C8412EC3192328D16787564BED1DE5902D38940D47094D2BDD95FB8E54DFD88A11E8516CDCC6F6F0561E4998BE9623D18589EF71FE44E1F1647FB8304BA4F730A8D2CCCB654BF023C2938C2B94BEF689F9046B1611E548DAD769F906FDD2F4FC6D69686FE89A90D1B30F984D56C8361623D888BD58682889188D1A1EDD315617F4E82C8DC099D34DAF7A4512289792C6D4D412D919DB7561D6D035A83E6F4D25F75F80E4DB370AA1A59B82BB21B430064CE82C8DC099D34DAF11EA0C268307A5A84BE0469B4098C398F564392DF702867A362F6CE729C34E72FD9665F4609E8B00F890928F9709F8EF3E18C15FA2A590F7017FBCE380FBBBE3BA760B22302EE83AE794E30949E5EBFD7D70377DD4EFD393C77669D7327B77ACA3D71F43F8BEE02DD412EF9F0B0BA83DBC0D2A0A7E8992643D2E4EB734EC90EAB0642753BC0A4F5E64CEC1804495133B63079072695207B87694E0C38993E20F1C362F03437742283C3A193DA7BBA3B160E934C1AB1C192C90E385F9572B9DD587896EBB540A3F03A655FC84C51AE01DAFCA7D82C1918CEEFB821DBD3F467E278CD919C3C8FF815847AC68B4A0E43124 Requested by Host: optimized-by.rubiconproject.com URL: https://optimized-by.rubiconproject.com/a/11662/36514/151376-2.js?&cb=0.7207090870636939&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_2&rp_secure=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software Rubicon Project / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Cache-Control private, max-age=0, no-cache Server Rubicon Project Content-Type image/webp Content-Length 43 Expires 01 Jan 1970 10:00:00 GMT
GET H2	200	pubads_impl_modern_2019100301.js Show response securepubads.g.doubleclick.net/gpt/ Frame 334C	145 KB 56 KB	57ms 39ms	Script text/javascript	172.217.16.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s11-in-f2.1e100.net Software sffe / Resource Hash df9504754d592b8d76e897236d749bbf896e26edae92c2f669fa46946624e3c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 03 Oct 2019 13:06:21 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 56672 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:27 GMT
GET H2	200	integrator.sync.js Show response adservice.google.de/adsid/ Frame 334C	113 B 660 B	34ms 16ms	Script application/javascript	2a00:1450:4001:806::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.sync.js?domain=nhadatgroup.forumvi.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 108 x-xss-protection 0
POST H/1.1	200 OK	custom Show response pushmono.com/	39 B 498 B	14ms 14ms	Fetch application/json	206.54.165.248 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 206.54.165.248 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id db5712b0681d441e7f879b5ba6bc482d Date Sun, 13 Oct 2019 09:54:27 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	sw.js Show response nhadatgroup.forumvi.com/	5 KB 2 KB	102ms 101ms	Fetch application/javascript	94.23.76.111 OVH
General Check archive.org Show headers Download Go to Full URL https://nhadatgroup.forumvi.com/sw.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.23.76.111 , Portugal, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash c995b7be0da1c4593f871757a7951f329e0ac39c21f0bd5bc4cce4cb38b202f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 27 Aug 2019 13:54:01 GMT etag W/"5d6535f9-1554" status 200 content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame 10CB	2 KB 2 KB	2300ms 2253ms	Script application/x-javascript	185.29.133.223 MediaMath Inc
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTkdZelpUWmtOelF0WmpVNE9TMDBOVGt4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY3MDYwOTQ4NjI0MDkyMTkzOS82NjIyNDcyLzQ1NjIzNTUvOS84MHZfSHJZYjBUck14b1QxU1Vubmxmc0tkdmJSWEpzSmVNZHNPdnBHazA4LzEvOS8wLzAvOTU2ODAzLzI0MjA5Mjc3NzQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY3MDYwOTQ4NjI0MDkyMTkzOS96cmgvMC85MDYvNDkvOTk5LzQwLzE0NC43Ni4xMDkuMC8wLjAwMC8xNTcwOTYwNDY3Lw/OLiTMxzemPdKgQdZC_94diCS2_U&nodeid=37&auctionid=670609486240921939&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F Requested by Host: optimized-by.rubiconproject.com URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.8151669713955014&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.156.1 / Resource Hash c9e0070a2e269bbf2f82f1dd1d2036873002db192ae92f41fd9290f534989780 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Content-Encoding gzip x-mm-bid-request-time 1570960467 Last-Modified Sun, 13 Oct 2019 09:54:27 GMT Server MMBD/3.156.1 x-mm-latency 1 (1) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg count Cache-Control no-cache x-mm-host zrh-router-x38, zrh-bidder-x5 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Sun, 13 Oct 2019 09:54:29 GMT
GET H/1.1	200 OK	52d6066a-8c5b-44a3-9577-63174a230aec beacon-eu2.rubiconproject.com/beacon/d/ Frame 10CB	43 B 268 B	19ms 18ms	Image image/webp	69.173.144.152 The Rubicon Project
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-eu2.rubiconproject.com/beacon/d/52d6066a-8c5b-44a3-9577-63174a230aec?oo=0&accountId=11662&siteId=36514&zoneId=151378&sizeId=15&e=6A1E40E384DA563B617C909CB4D9E2B99CD7620453696274C581CDBDFC61A5A2E74C04F6D99F892EE261917AC12402DC172DB22D3B21A9B570D80050052746312C48BF33326D553620384A4CE700BB9BE581C7278562D885EA37445C5DECFC9BE95362172CF2D9E640E7418E00076B17977903609E3CCCB43C0F9254ED25AEA5912278E2B387AEF50CF98B20C19C038FD8E45BEB5CCD5D86D8D6E1A8B2E8E57FEBFBA2EDED8F9B873002BD9861291DFC5B3B85D66FE65879960F96BC7383C2FE0BDF0DCACCF91347CDA17732A3DEBEADF79CE6C73C0EB43F9669B7A6D17A698657DD384B2D3426A912F55D6BABCF30C6555ED6EE6164A31C8A1E4421699FCEC82E52358DC3A92A65823855A2ED7006B8705F553754E0ACEB77FA2313D0E981172DADC66AEE78831D8BB71F2BEFBBF2212EF83A790071256DB041BDD660F6557E0BBAB45E8E899FD03B4A794C085C98197F245B0254DCA400D8D6E1A8B2E8E57FD8E45BEB5CCD5D86F044319AE02BC87F0BD9FCCCD90FC04B5566EE343E868EC6443D77EFA924F81BD8D6E1A8B2E8E57F5A1FF84E53476907718E34C61F7CB1ECAFD7B2863899CCC05B3B85D66FE65879960F96BC7383C2FED09A38168D1BEB995477DFCB564AFDAA4B6E06CE49B9A6E81D82AC88DB64E17903A11DC3C9346CAF468DA30F2934E53DF43DE558903DC1DDDBFC65D8DDB427EAEC46CF86C254EFCC66CDC616F078E1A73E6B6F99E0D728E8704412F0B85EE9DE68780E117338945FFB35BC5EDCAD0DAC5AB9426A039B027830918076DAA86F4BA6862BE8F157535E1C52916D8DFD5EA906ED968E868084357508CAE1E84D07675F57C6155022180978EBF1380DC1B667F69A75AED9CBDEACAD33A9DEDA4EA9AD6F1E1C85F06970F6 Requested by Host: optimized-by.rubiconproject.com URL: https://optimized-by.rubiconproject.com/a/11662/36514/151378-15.js?&cb=0.8151669713955014&tk_st=1&rf=https%3A//nhadatgroup.forumvi.com/t304-topic&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=36514_15&rp_secure=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software Rubicon Project / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Cache-Control private, max-age=0, no-cache Server Rubicon Project Content-Type image/webp Content-Length 43 Expires 01 Jan 1970 10:00:00 GMT
GET H/1.1	200 OK	dap2i2xhbauc Show response hal9000.redintelligence.net/zone/ Frame 6C1E	10 KB 3 KB	5ms 1ms	Script text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/dap2i2xhbauc?subid=&rnd=3749587579501394259&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.63.164 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash 2faf618b1fd59cfba6b53371f437a32bb8cbb549066d2215fa21b287500fab8c Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server Apache Connection close Content-Length 2818 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame 6C1E	43 B 359 B	39ms 27ms	Image image/gif	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=3749587579501394259&v3=651871&v4=4562355&v5=6622478&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWVRZd1pqQTFaakF0TURNeE1TMHdNMlJtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3NDk1ODc1Nzk1MDEzOTQyNTkvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sWVpNYzBYWWFoX214S2YxT3RxWlZxWS8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zNzQ5NTg3NTc5NTAxMzk0MjU5L3pyaC8wLzQ2OS80OS85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzA5NjA0Njcv/3y0HyUtj9vw1SvgRyTY9Oxtxw4E&nodeid=720&auctionid=3749587579501394259&exch=ruc&sid=4562355&cid=6622478&price=5B54C3091C36AE39&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1734 ed2a032 master zrh-pixel-x5 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Server MT3 1734 ed2a032 master zrh-pixel-x5 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sun, 13 Oct 2019 09:54:26 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame 6C1E	49 B 329 B	75ms 25ms	Image image/gif	185.29.133.223 MediaMath Inc
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=3749587579501394259&st=4562355&time=1570960467&nodeid=720 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWVRZd1pqQTFaakF0TURNeE1TMHdNMlJtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3NDk1ODc1Nzk1MDEzOTQyNTkvNjYyMjQ3OC80NTYyMzU1LzkvODB2X0hyWWIwVHJNeG9UMVNVbm5sWVpNYzBYWWFoX214S2YxT3RxWlZxWS8xLzkvMC8wLzk1NjgwMy8yNDIwOTI3Nzc0LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zNzQ5NTg3NTc5NTAxMzk0MjU5L3pyaC8wLzQ2OS80OS85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzA5NjA0Njcv/3y0HyUtj9vw1SvgRyTY9Oxtxw4E&nodeid=720&auctionid=3749587579501394259&exch=ruc&sid=4562355&cid=6622478&price=5B54C3091C36AE39&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.156.1 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Server MMBD/3.156.1 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x43, zrh-bidder-x73 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sun, 13 Oct 2019 09:54:26 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 334C	4 KB 2 KB	206ms 205ms	XHR text/plain	172.217.16.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=122186463668750&correlator=1020748686888378&output=ldjh&impl=fif&eid=21064579%2C21064581&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191013&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie_enabled=1&cdm=nhadatgroup.forumvi.com&bc=31&abxe=1&lmt=1570960467&dt=1570960467866&dlt=1570960467536&idt=319&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=551&ady=882&adk=3480591353&uci=ym5qrzfwl4f8&ifi=1&ifk=2746228192&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&top=nhadatgroup.forumvi.com&dssz=6&icsg=90&mso=1&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1656532652.1570960467&ga_sid=1570960468&ga_hid=549276892&fws=256&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s11-in-f2.1e100.net Software cafe / Resource Hash 1f05472f09650dde82761c6b98d691d73ffad785accef3e092b204838760b260 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2013 x-xss-protection 0 google-lineitem-id 227267817 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 107686126137 content-type text/plain; charset=UTF-8 access-control-allow-origin https://nhadatgroup.forumvi.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_modern_rendering_2019100301.js Show response securepubads.g.doubleclick.net/gpt/ Frame 334C	59 KB 23 KB	44ms 44ms	Script text/javascript	172.217.16.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s11-in-f2.1e100.net Software sffe / Resource Hash 62f9b1db55badf04718d6f76be9c0d7d5e8c86a08ab6ea2bb8dc3b73a3b21204 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 03 Oct 2019 13:06:21 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 23801 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:27 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 334C	0 0	21ms 6ms	Other text/html	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H/1.1	200 OK	usync.html eus.rubiconproject.com/ Frame C858	0 0	21ms 6ms	Document text/html	104.109.78.125 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&geo=eu&co=de Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Cookie rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=36514^1; vis15=36514^1; ses2=36514^1; vis2=36514^1; khaos=K1OTAUOW-10-D71L; audit=1|hLZGFuTafB3zrnjYgqn/ye99qzxPzGzoonYyFRaRePl6Rj1mrx+PPT6nBc4U4EHwGmSWAglnwOnmj1555WWdsoAXuoDlYL8Aa1Atf5hwqBo= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Last-Modified Wed, 09 Oct 2019 22:56:27 GMT Content-Encoding gzip Content-Length 7653 Content-Type text/html; charset=UTF-8 Cache-Control max-age=47815 Expires Sun, 13 Oct 2019 23:11:22 GMT Date Sun, 13 Oct 2019 09:54:27 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	request.php Show response hal900021.redintelligence.net/ Frame 6C1E Redirect Chain https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	2 KB 1 KB	50ms 48ms	Script application/x-javascript	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash 4d0049e14c202e4a1d6121577bf1fd3ca3b881f2c1698470956fc0f37702dd65 Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 28825200057373900951453011015021 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 836 Expires Sun, 13 Oct 2019 10:54:27 +0200 Redirect headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Sun, 13 Oct 2019 10:54:27 +0200
POST H/1.1	200 OK	custom Show response pushmono.com/	39 B 498 B	15ms 14ms	Fetch application/json	206.54.165.248 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 206.54.165.248 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id c6e39c8798333379a1c23517e242fd4e Date Sun, 13 Oct 2019 09:54:27 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H/1.1	200 200	Cookie set / banner.congstar.de/cookie/ Frame BF41 Redirect Chain https://ad.zanox.com/tpv/?45749447C1551011213&zpar0=28825200057373900951453011015021&ULP= https://banner.congstar.de/cookie/?zxid=45749447C1551011213SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473&zUserID=992431	0 0	76ms 18ms	Document text/html	85.214.124.106 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://banner.congstar.de/cookie/?zxid=45749447C1551011213SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473&zUserID=992431 Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 85.214.124.106 Berlin, Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2491987.stratoserver.net Software / Resource Hash Request headers Host banner.congstar.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Date Sun, 13 Oct 2019 09:54:28 GMT Set-Cookie staticentry=%7B%22zxid%22%3A%2245749447C1551011213SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473%22%2C%22zUserID%22%3A%22992431%22%7D; Domain=.congstar.de; Expires=Sun, 20-Oct-2019 09:54:28 GMT; Path=/ Content-Length 0 P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html Redirect headers Cache-Control no-store Pragma no-cache Content-Length 0 Location https://banner.congstar.de/cookie/?zxid=45749447C1551011213SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473&zUserID=992431 Server Microsoft-IIS/7.5 Set-Cookie zttpvc=5C22222S2618401966195945473T0II5C71894S2618401966195945472T0II45749447C0SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473; domain=.zanox.com; path=/ zptpvc=5C22222S2618401966195945473T0II5C71894S2618401966195945472T0II45749447C0SV1yq54528558081963145753821036595257yb5yb7T2618401966195945473; expires=Sat, 11-Jan-2020 09:54:36 GMT; domain=.zanox.com; path=/ X-Powered-By ASP.NET P3P policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP" jobs-at-zanox https://www.zanox.com/jobs/international Date Sun, 13 Oct 2019 09:54:36 GMT Connection close Via 10.30.3.50%1
GET H/1.1	200 OK	Cookie set cshow.php www.zenaps.com/ Frame B5E6 Redirect Chain https://www.awin1.com/cshow.php?s=2329635&v=16160&q=356171&r=296283&pref1=28825200057373900951453011015021&pv=1 https://www.zenaps.com/cshow.php?pvr=72060190-ed9f-11e9-b5a3-692d033fc04e&v=16160&r=296283&q=356171&s=2329635&viewref=28825200057373900951453011015021&pv=1	0 0	41ms 26ms	Document image/gif	104.109.83.210 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.zenaps.com/cshow.php?pvr=72060190-ed9f-11e9-b5a3-692d033fc04e&v=16160&r=296283&q=356171&s=2329635&viewref=28825200057373900951453011015021&pv=1 Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.83.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-83-210.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Host www.zenaps.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Cache-Control no-store, no-cache, max-age=0, must-revalidate Content-Type image/gif Expires 0 Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Pragma no-cache Content-Length 43 Date Sun, 13 Oct 2019 09:54:28 GMT Connection keep-alive Set-Cookie awpv16160=296283|1570960468|72060190-ed9f-11e9-b5a3-692d033fc04e;domain=.zenaps.com;path=/;expires=Tuesday, 15-Oct-2019 09:54:28 UTC; AWSESS=356171:2329635;domain=.zenaps.com;path=/; Awin-Akamai-Rule-Set default Redirect headers Location https://www.zenaps.com/cshow.php?pvr=72060190-ed9f-11e9-b5a3-692d033fc04e&v=16160&r=296283&q=356171&s=2329635&viewref=28825200057373900951453011015021&pv=1 Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Content-Length 0 Date Sun, 13 Oct 2019 09:54:28 GMT Connection keep-alive Set-Cookie awpv16160=296283|1570960468|72060190-ed9f-11e9-b5a3-692d033fc04e;domain=.awin1.com;path=/;expires=Tuesday, 15-Oct-2019 09:54:28 UTC; AWSESS=356171:2329635;domain=.awin1.com;path=/; Awin-Akamai-Rule-Set default
GET H/1.1	200 OK	request_content.php hal900021.redintelligence.net/ Frame 421C	0 0	6ms 1ms	Document text/html	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/request_content.php?s=28825200057373900951453011015021&a=06532274 Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request.php?zone=dap2i2xhbauc&nw=20&renderingType=javascript&namespace=32f5b48df2&subid=&uid=9697b6bf581ff703&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3749587579501394259%26mt_id%3D6622478%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3D6a025da2-f453-4b01-b088-9058f26face9%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F584ced0c-4df6-486a-b9cd-b3e23cd14dae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=3160627369156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash Request headers Host hal900021.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Cookie 8lcfmzhxc8d6_uid=b821ac298497dfca Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Date Sun, 13 Oct 2019 09:54:27 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Sun, 13 Oct 2019 10:54:27 +0200 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1400 Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	13729876-1558620412167 www.yceml.net/0084/ Frame 6C1E Redirect Chain https://www.lduhtrp.net/image-3355671-13729876?SID=28825200057373900951453011015021 https://cj.dotomi.com/nc117h48BP/z5A/482/OQUPWVUT/QQSSTUO/N/N/N/N/N?c=xTJE%3D39936311168484A11A62564122126132%3c%3ciuuqt%3A%2F%2Fxxx.meviusq.ofu%3A91%2Fjnbhf-4466782-2483A987%3c%3cH%3ciuuqt%3A%2F%2... https://www.emjcd.com/nh65g047N/v16/04z/KMQLSRQP/MMOOPQK/J/LJJKJMMJKRNSRQQSJJ:yxkExl9kUHFe/J/J/J?j=ueUP%3DEKKEHECCCHJFJFLCCLHDGHFCDDCDHCED%3c%3ct5514%3A%2F%2F888.xp6t531.zq5%3AKC%2Fuymsq-FFHHIJD-DF... https://www.yceml.net/0084/13729876-1558620412167	28 KB 29 KB	18ms 6ms	Image image/jpeg	23.45.238.30 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.yceml.net/0084/13729876-1558620412167 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.45.238.30 , United States, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-45-238-30.deploy.static.akamaitechnologies.com Software Resin/3.1.14 / Resource Hash 2f88dd16569520e16d9b13296a4534992d75cc97bdac95b40084ddc5a9b2fcd2 Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:28 GMT Cache-Control max-age=517763 Server Resin/3.1.14 Connection keep-alive Content-Length 29143 Expires Sat, 19 Oct 2019 09:43:51 GMT Redirect headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Server Resin/3.1.14 P3P policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT" Location https://www.yceml.net/0084/13729876-1558620412167 Cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 87 Expires Sun, 13 Oct 2019 09:54:28 GMT
GET H/1.1	200 OK	id.js Show response mathid.mathtag.com/device/ Frame 6C1E	54 KB 19 KB	76ms 34ms	Script text/javascript	185.29.135.48 MediaMath Inc
General Check archive.org Show headers Download Go to Full URL https://mathid.mathtag.com/device/id.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.48 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software / Express Resource Hash b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:28 GMT Content-Encoding gzip X-Powered-By Express Vary Accept-Encoding Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Transfer-Encoding chunked X-MM-Host cdg-mathid-x1 Connection keep-alive Access-Control-Allow-Headers Content-type, X-Optout Keep-Alive timeout=360 Expires Sun, 13 Oct 2019 10:54:28 GMT
GET H/1.1	200 OK	analytics.js Show response s.update.rubiconproject.com/2/873648/ Frame 6C1E	4 KB 2 KB	3402ms 28ms	Script application/javascript	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=nhadatgroup.forumvi.com&ap=&dm=2&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 984899ca8c04bc96c508c3afea8b25f0c67b83ca0cad9d11c4784ccc9008019d Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:30 GMT Content-Encoding gzip Vary * Content-Type application/javascript Cache-Control no-cache, no-store, must-revalidate, no-transform, private, max-age=0 Timing-Allow-Origin * Content-Length 2111 Expires 0
GET H/1.1	200 OK	usync.html eus.rubiconproject.com/ Frame FDFC	0 0	7ms 6ms	Document text/html	104.109.78.125 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&geo=eu&co=de Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Cookie rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=36514^1; vis15=36514^1; ses2=36514^1; vis2=36514^1; khaos=K1OTAUOW-10-D71L; audit=1|hLZGFuTafB3zrnjYgqn/ye99qzxPzGzoonYyFRaRePl6Rj1mrx+PPT6nBc4U4EHwGmSWAglnwOnmj1555WWdsoAXuoDlYL8Aa1Atf5hwqBo= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Last-Modified Wed, 09 Oct 2019 22:56:27 GMT Content-Encoding gzip Content-Length 7653 Content-Type text/html; charset=UTF-8 Cache-Control max-age=47815 Expires Sun, 13 Oct 2019 23:11:22 GMT Date Sun, 13 Oct 2019 09:54:27 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	view Show response securepubads.g.doubleclick.net/pcs/ Frame C49C	0 286 B	17ms 17ms	Fetch image/gif	172.217.16.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssavXEgOl9oY9Uk9z7Jxd5FaWWYph2yk3uxAK7h0n0JP5KD-DCOltaC3X_y3AkpAYvFr4v-oD5lpnzRr2HDOsmUnAzQ_DYZ6XiSTK7WD9xHpJs8fDxrBQ2gqb7G8BuXJJnN9Q9wU7wKaLCZk7MguLaXRde5JvIsQoc8xAWbf_YtB3M6HutfNsGbxEjbpoBkeevSgVKdFHwWTmUng86nnhUCt5PhopudhWPFxQQzH_kiudTWNLIguifMmVvgDQtJveiCxOSis9jhXIuZNlSqi_pRsrgh74kC&sai=AMfl-YQvlECQ8QVsV4To-Fkc2l2gG6a377CbLZ6zTRjzVJO1gyFxKPeh_cYw1JU-pn9OXKw5WHmeDZR7-XH3Y3q_122MJAYlR1s79khBdKD-&sig=Cg0ArKJSzAODBSJeOWE1EAE&urlfix=1&adurl= Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s11-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 13 Oct 2019 09:54:28 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:28 GMT
GET H/1.1	200 OK	banner b.a2gw.com/ Frame DEEF	0 0	137ms 28ms	Document text/html	34.249.204.108 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://b.a2gw.com/banner?dfp=21773486844&cw=300&ch=250&_cb=1542475143 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.204.108 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-249-204-108.eu-west-1.compute.amazonaws.com Software nginx/1.14.1 / Resource Hash Request headers Host b.a2gw.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 13 Oct 2019 09:54:28 GMT Expires 0 Server nginx/1.14.1 Content-Length 281 Connection keep-alive
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame C49C	77 KB 29 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:806::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019100301.js?21064579 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash b9ff1458bf3b7fc93c0312feca098dc18a387d52f9ee4b59fd426eee59789809 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:28 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1570792838566027" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29542 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:28 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 334C	77 KB 28 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:806::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019100301.js?21064579 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 128869a25131fc642133dda16f4e88b723e1623e20234a39d260a1f0267c518f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:28 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1570792838566027" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29055 x-xss-protection 0 expires Sun, 13 Oct 2019 09:54:28 GMT
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame 6C1E	49 B 329 B	29ms 29ms	Image image/gif	185.29.133.223 MediaMath Inc
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=3749587579501394259&node_id=720&exch_id=9&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNg%3D%3D%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22RXVyb3BlL0Jlcmxpbg%3D%3D%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.156.1 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:28 GMT Server MMBD/3.156.1 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x42, zrh-bidder-x73 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sun, 13 Oct 2019 09:54:27 GMT
GET DATA	200 OK	truncated / Frame C49C	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d35b8dc5ad66867b494f11febf9397a2901357be72767b18fc16e0771ff9674c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	ping Show response api.viglink.com/api/	341 B 1 KB	142ms 39ms	XHR text/javascript	34.246.252.247 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/ping Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-246-252-247.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 9879513d047e0903a3a892d1efe80ca61743a63101c2c8f59ae459b85592501e Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:28 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 341 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	tag.min.js Show response get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/ Redirect Chain https://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js	43 KB 14 KB	35ms 7ms	Script text/javascript	2600:9000:20eb:8200:1f:287:d20a:ce1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:8200:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 4581a8ee1f3b5103458e5ad88a90c847bacce216bb021fc8a21d9d9f9e0e3d1b Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id ZHambxBZf8oDBVbsA2eKvhosoGHeIUKy content-encoding gzip last-modified Fri, 06 Sep 2019 22:23:21 GMT server AmazonS3 age 1557 date Sun, 13 Oct 2019 09:30:02 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA2-C1 x-amz-cf-id loCh6r1l9JN75_O2aXFBgVlWLIOcVMppehfs_zaNQRfeqS6G3pMhhw== via 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront) Redirect headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:28 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Location https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js Cache-Control no-cache, no-store Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	204 No Content	merge ce.lijit.com/ Redirect Chain https://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e https://ce.lijit.com/merge?pid=8008&3pid=d64f8b61a7b80bed9aceab6f8905c4f4	0 532 B	56ms 13ms	Image text/html	216.52.2.48 Internap Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=8008&3pid=d64f8b61a7b80bed9aceab6f8905c4f4 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:28 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ap5ams1 Content-Type text/html;charset=utf-8 X-Application-Context application:prod:9080 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:28 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Location https://ce.lijit.com/merge?pid=8008&3pid=d64f8b61a7b80bed9aceab6f8905c4f4 Cache-Control no-cache, no-store Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	domains Show response api.viglink.com/api/	42 B 497 B	54ms 30ms	XHR text/javascript	34.246.252.247 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/domains Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-246-252-247.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 0402450bffe78f7d1dd844639522c99ad807f5d5d380dc7baa742ae2d90088d4 Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT
POST H/1.1	200 OK	insert Show response api.viglink.com/api/	117 B 573 B	85ms 32ms	XHR text/javascript	34.246.252.247 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/insert Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-246-252-247.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash f49f8014b81d85a32ba9a45bd4f0ce9e5245fa09d4ddb371bb7b5ac585d02d18 Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:28 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 117 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ Show response onetag-geo.s-onetag.com/	23 B 421 B	472ms 456ms	XHR application/json	2600:9000:200d:8000:5:ae3a:ba00:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:200d:8000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash 0e050f9a5bf10df9f61597a26488064c02aeb24324ee6ef873c3681ed05663ef Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:28 GMT via 1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront), 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront) x-amz-cf-pop FRA53, FRA50 x-amzn-requestid 31bc0588-9777-4aad-b143-832f3060b8a9 status 200 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=3600 x-amz-apigw-id BfsdQHZ6SK4FlFg= content-length 23 x-amz-cf-id ExCf1DG2fWB9gQw6S04QPgmBRlNZbzgDRKwe6KVTuiEAws_h3s73Sw==
GET H2	200	beacon.min.js Show response beacon.s-onetag.com/	18 KB 6 KB	30ms 7ms	Script application/javascript	2600:9000:200d:1e00:5:9a4c:9b00:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://beacon.s-onetag.com/beacon.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:200d:1e00:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 662fa6bcdf71d8f92e29010d3e2e270e0071e5d19b1d14ce205654a78aa0a7a9 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id dQ2IPgbwW_sArXQW0CBb3eN5W57SqoQ0 content-encoding gzip last-modified Thu, 04 Apr 2019 09:35:05 GMT server AmazonS3 age 3168 date Sun, 13 Oct 2019 09:01:40 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA50 x-amz-cf-id Cv8r0pMl6Hr84x6hs79xfOJ6HBXeWxd5pegTR5eyK1dCvdMjEpn-bA== via 1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
POST H/1.1	400 Bad Request	optimize Show response api.viglink.com/api/	986 B 1 KB	31ms 31ms	XHR text/html	34.246.252.247 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api.viglink.com/api/optimize Requested by Host: cdn.viglink.com URL: https://cdn.viglink.com/api/vglnk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.252.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-246-252-247.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:27 GMT Server Apache-Coyote/1.1 Content-Language en P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html;charset=utf-8 Content-Length 986 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	zrti13rjdl37 Show response hal9000.redintelligence.net/zone/ Frame 10CB	10 KB 3 KB	9ms 3ms	Script text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/zrti13rjdl37?subid=&rnd=670609486240921939&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D670609486240921939%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Da4b85da2-f455-4101-9ccd-e9c2ad28f2c2%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F%26redirect%3D Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.63.164 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash 46a6ccbaf8c2c7574046d68c26aa65602832a3a37167d2b6bc489a48a3ab097c Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Content-Encoding gzip Server Apache Connection close Content-Length 2815 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame 10CB	43 B 360 B	19ms 19ms	Image image/gif	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=670609486240921939&v3=651871&v4=4562355&v5=6622472&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTkdZelpUWmtOelF0WmpVNE9TMDBOVGt4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY3MDYwOTQ4NjI0MDkyMTkzOS82NjIyNDcyLzQ1NjIzNTUvOS84MHZfSHJZYjBUck14b1QxU1Vubmxmc0tkdmJSWEpzSmVNZHNPdnBHazA4LzEvOS8wLzAvOTU2ODAzLzI0MjA5Mjc3NzQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY3MDYwOTQ4NjI0MDkyMTkzOS96cmgvMC85MDYvNDkvOTk5LzQwLzE0NC43Ni4xMDkuMC8wLjAwMC8xNTcwOTYwNDY3Lw/OLiTMxzemPdKgQdZC_94diCS2_U&nodeid=37&auctionid=670609486240921939&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1734 ed2a032 master zrh-pixel-x20 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Server MT3 1734 ed2a032 master zrh-pixel-x20 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sun, 13 Oct 2019 09:54:29 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame 10CB	49 B 328 B	26ms 26ms	Image image/gif	185.29.133.223 MediaMath Inc
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=670609486240921939&st=4562355&time=1570960469&nodeid=37 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTkdZelpUWmtOelF0WmpVNE9TMDBOVGt4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY3MDYwOTQ4NjI0MDkyMTkzOS82NjIyNDcyLzQ1NjIzNTUvOS84MHZfSHJZYjBUck14b1QxU1Vubmxmc0tkdmJSWEpzSmVNZHNPdnBHazA4LzEvOS8wLzAvOTU2ODAzLzI0MjA5Mjc3NzQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY3MDYwOTQ4NjI0MDkyMTkzOS96cmgvMC85MDYvNDkvOTk5LzQwLzE0NC43Ni4xMDkuMC8wLjAwMC8xNTcwOTYwNDY3Lw/OLiTMxzemPdKgQdZC_94diCS2_U&nodeid=37&auctionid=670609486240921939&exch=ruc&sid=4562355&cid=6622472&price=7FF00CD929E26837&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_aceaaa&3pck=http%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.156.1 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Server MMBD/3.156.1 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x23, zrh-bidder-x5 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sun, 13 Oct 2019 09:54:29 GMT
GET H/1.1	200 OK	request.php Show response hal900021.redintelligence.net/ Frame 10CB	2 KB 1 KB	52ms 46ms	Script application/x-javascript	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=a01c102124&subid=&uid=d746a4eab05efa8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D670609486240921939%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Da4b85da2-f455-4101-9ccd-e9c2ad28f2c2%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=6265646937664&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Requested by Host: hal9000.redintelligence.net URL: https://hal9000.redintelligence.net/zone/zrti13rjdl37?subid=&rnd=670609486240921939&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D670609486240921939%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Da4b85da2-f455-4101-9ccd-e9c2ad28f2c2%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F%26redirect%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash fbb2234c47c3873ebbb9bbb3a06146a70a5c6c0ce7855492be008b4db26c9214 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 13 Oct 2019 09:54:30 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 24430100057379100951457011015021 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 722 Expires Sun, 13 Oct 2019 10:54:30 +0200
GET H/1.1	200 OK	request_content.php hal900021.redintelligence.net/ Frame 531D	0 0	3ms 1ms	Document text/html	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/request_content.php?s=24430100057379100951457011015021&a=8d8d54a8 Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request.php?zone=zrti13rjdl37&nw=20&renderingType=javascript&namespace=a01c102124&subid=&uid=d746a4eab05efa8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D670609486240921939%26mt_id%3D6622472%26mt_adid%3D216536%26mt_sid%3D4562355%26mt_exid%3D9%26mt_inapp%3D0%26mt_uuid%3Da4b85da2-f455-4101-9ccd-e9c2ad28f2c2%26mt_3pck%3Dhttp%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F52d6066a-8c5b-44a3-9577-63174a230aec%2F%26redirect%3D&documentReferer=https%3A%2F%2Fnhadatgroup.forumvi.com%2Ft304-topic&ancestorOrigins=https%3A%2F%2Fnhadatgroup.forumvi.com&random=6265646937664&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash Request headers Host hal900021.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Cookie 8lcfmzhxc8d6_uid=b821ac298497dfca Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Sun, 13 Oct 2019 10:54:30 +0200 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 893 Connection close Content-Type text/html; charset=utf-8
GET H2	200	htlp.html cdn-network.medialead.eu/trck/htlp/ Frame 10CB Redirect Chain https://www.awin1.com/cshow.php?s=2457330&v=14265&q=370223&r=296283&pref1=24430100057379100951457011015021&pv=1 https://cdn-network.medialead.eu/trck/htlp/htlp.html?campaign_id=14&utm_source=affiliate&publisher_id=14265_296283_1570960470_73587230-ed9f-11e9-9e84-692d05b6e871&ad_type=2457330&ad_number=2457330	0 742 B	99ms 64ms	Image text/html	46.105.200.138 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-network.medialead.eu/trck/htlp/htlp.html?campaign_id=14&utm_source=affiliate&publisher_id=14265_296283_1570960470_73587230-ed9f-11e9-9e84-692d05b6e871&ad_type=2457330&ad_number=2457330 Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.105.200.138 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:30 GMT content-encoding br x-cacheable Cacheable status 200 x-cdn-pop sbg content-length 1 x-request-id 7189fbf4d4a372c90776ca2f12b91c82 pragma no-cache x-cdn-pop-ip 137.74.120.32/27 vary Accept-Encoding access-control-allow-methods GET,PUT,POST,DELETE,OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization expires Thu, 19 Nov 1981 08:52:00 GMT Redirect headers Location https://cdn-network.medialead.eu/trck/htlp/htlp.html?campaign_id=14&utm_source=affiliate&publisher_id=14265_296283_1570960470_73587230-ed9f-11e9-9e84-692d05b6e871&ad_type=2457330&ad_number=2457330 Date Sun, 13 Oct 2019 09:54:30 GMT Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 0 Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
GET H/1.1	200 OK	id.js Show response mathid.mathtag.com/device/ Frame 10CB	54 KB 19 KB	29ms 29ms	Script text/javascript	185.29.135.48 MediaMath Inc
General Check archive.org Show headers Download Go to Full URL https://mathid.mathtag.com/device/id.js Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.135.48 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software / Express Resource Hash b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Content-Encoding gzip X-Powered-By Express Vary Accept-Encoding Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Transfer-Encoding chunked X-MM-Host cdg-mathid-x1 Connection keep-alive Access-Control-Allow-Headers Content-type, X-Optout Keep-Alive timeout=360 Expires Sun, 13 Oct 2019 10:54:30 GMT
GET H/1.1	200 OK	usync.html eus.rubiconproject.com/ Frame FB9B	0 0	6ms 6ms	Document text/html	104.109.78.125 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&geo=eu&co=de Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer https://nhadatgroup.forumvi.com/t304-topic Accept-Encoding gzip, deflate, br Cookie rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tj2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=36514^1; vis15=36514^1; ses2=36514^1; vis2=36514^1; khaos=K1OTAUOW-10-D71L; audit=1|hLZGFuTafB3zrnjYgqn/ye99qzxPzGzoonYyFRaRePl6Rj1mrx+PPT6nBc4U4EHwGmSWAglnwOnmj1555WWdsoAXuoDlYL8Aa1Atf5hwqBo=; pux=1512%3D85738%262249%3D85738%262307%3D85738%262974%3D85738%263778%3D85738%26goog%3D85738%26brx%3D85738%26idl%3D85738%26 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://nhadatgroup.forumvi.com/t304-topic Response headers Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Last-Modified Wed, 09 Oct 2019 22:56:27 GMT Content-Encoding gzip Content-Length 7653 Content-Type text/html; charset=UTF-8 Cache-Control max-age=47812 Expires Sun, 13 Oct 2019 23:11:22 GMT Date Sun, 13 Oct 2019 09:54:30 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame 10CB	49 B 328 B	37ms 37ms	Image image/gif	185.29.133.223 MediaMath Inc
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=670609486240921939&node_id=37&exch_id=9&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNg%3D%3D%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22RXVyb3BlL0Jlcmxpbg%3D%3D%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.156.1 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Server MMBD/3.156.1 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x24, zrh-bidder-x5 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sun, 13 Oct 2019 09:54:29 GMT
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	183ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?oz_pl=1&si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=nhadatgroup.forumvi.com&ap=&dm=2&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:31 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
GET H/1.1	200 OK	main.js Show response s.update.rubiconproject.com/2/4.49.0/ Frame 6C1E	114 KB 34 KB	28ms 27ms	Script application/javascript	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/main.js Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=nhadatgroup.forumvi.com&ap=&dm=2&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 3df99a88c494f55ff3f61337c4a9d72d2b75f6c4f5c0cf98c56bab46d51bf04c Request headers Sec-Fetch-Mode no-cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 13 Oct 2019 09:54:30 GMT Content-Encoding br Vary Accept-Encoding Content-Type application/javascript Cache-Control public, no-transform, immutable, max-age=9999999 Timing-Allow-Origin * Content-Length 34041 Expires Wed, 01 Jan 2020 00:00:00 GMT
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	139ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648&oz_tc=Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv&oz_sc=287fbe2207fecc7d0316cdcf&oz_st=1570960471375&oz_v=4.49.0&dp=nhadatgroup.forumvi.com&oz_df=73&oz_l=5013&cv=3 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:31 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	169ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?oz_pl=1&si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=36514&di=nhadatgroup.forumvi.com&ap=&dm=2&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:31 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
GET BLOB	200 OK	95140617-cfd1-433f-8f29-0cc9e9060203 https://nhadatgroup.forumvi.com/ Frame 6C1E	476 B 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://nhadatgroup.forumvi.com/95140617-cfd1-433f-8f29-0cc9e9060203 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338 Request headers Sec-Fetch-Mode same-origin User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 476
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	161ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648&oz_tc=Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv&oz_sc=287fbe2207fecc7d0316cdcf&oz_st=1570960471375&oz_v=4.49.0&dp=nhadatgroup.forumvi.com&oz_df=111&oz_l=4769&cv=3 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:31 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
POST H/1.1	200 OK	custom Show response pushmono.com/	39 B 498 B	13ms 13ms	Fetch application/json	206.54.165.248 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Requested by Host: nhadatgroup.forumvi.com URL: https://nhadatgroup.forumvi.com/t304-topic Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 206.54.165.248 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 04eff280147432c6919004a4a413422e Date Sun, 13 Oct 2019 09:54:31 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://nhadatgroup.forumvi.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	87ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648&oz_tc=Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv&oz_sc=287fbe2207fecc7d0316cdcf&oz_st=1570960471375&oz_v=4.49.0&dp=nhadatgroup.forumvi.com&oz_df=212&oz_l=19&cv=3 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:31 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	28ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648&oz_tc=Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv&oz_sc=287fbe2207fecc7d0316cdcf&oz_st=1570960471375&oz_v=4.49.0&dp=nhadatgroup.forumvi.com&oz_df=412&oz_l=83&cv=3 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:31 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	28ms 27ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648&oz_tc=Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv&oz_sc=287fbe2207fecc7d0316cdcf&oz_st=1570960471375&oz_v=4.49.0&dp=nhadatgroup.forumvi.com&oz_df=5111&oz_l=34&cv=3 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:36 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
POST H/1.1	200 OK	postback Show response s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/ Frame 6C1E	2 B 159 B	29ms 29ms	XHR text/plain	18.203.197.143 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s.update.rubiconproject.com/2/4.49.0/873648/Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv/postback?si=36514&di=nhadatgroup.forumvi.com&pi=151376&ti=584ced0c-4df6-486a-b9cd-b3e23cd14dae&ap=&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dm=2&dt=8736481428691810142000&ci=873648&oz_tc=Y_RTXU2oePadzLdZadFjrJXiQtiUi4vv&oz_sc=287fbe2207fecc7d0316cdcf&oz_st=1570960471375&oz_v=4.49.0&dp=nhadatgroup.forumvi.com&oz_df=6111&oz_l=90&cv=3 Requested by Host: s.update.rubiconproject.com URL: https://s.update.rubiconproject.com/2/4.49.0/main.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 18.203.197.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-203-197-143.eu-west-1.compute.amazonaws.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin * Date Sun, 13 Oct 2019 09:54:37 GMT Timing-Allow-Origin * Content-Length 2 Content-Type text/plain
GET H2	200	/ Show response onetag-geo.s-onetag.com/	23 B 421 B	27ms 27ms	XHR application/json	2600:9000:200d:8000:5:ae3a:ba00:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: beacon.s-onetag.com URL: https://beacon.s-onetag.com/beacon.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:200d:8000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash 0e050f9a5bf10df9f61597a26488064c02aeb24324ee6ef873c3681ed05663ef Request headers Sec-Fetch-Mode cors Referer https://nhadatgroup.forumvi.com/t304-topic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 13 Oct 2019 09:54:28 GMT via 1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront), 1.1 96c175ce63da79b249fc4597809077cc.cloudfront.net (CloudFront) x-amz-cf-pop FRA53, FRA50 x-amzn-requestid 31bc0588-9777-4aad-b143-832f3060b8a9 status 200 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=3600 x-amz-apigw-id BfsdQHZ6SK4FlFg= content-length 23 x-amz-cf-id 4O_xnwGn8V3HrbNNSC7QrEB6Y_TsFXlETGp1LdN6cujB1k3HbAgUrQ==