raovat.4umer.com Open in urlscan Pro
188.165.2.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://raovat.4umer.com/t138860-topic
Submission: On May 02 via manual (May 2nd 2019, 2:53:58 pm UTC) from VN

Summary HTTP 104 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 28 domains to perform 104 HTTP transactions. The main IP is 188.165.2.137, located in France and belongs to OVH, FR. The main domain is raovat.4umer.com.

This is the only time raovat.4umer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	188.165.2.137 188.165.2.137	16276 (OVH) (OVH)
1	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
12	2606:4700:30:... 2606:4700:30::681f:566a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
5	151.101.120.193 151.101.120.193	54113 (FASTLY) (FASTLY - Fastly)
1	178.33.44.177 178.33.44.177	16276 (OVH) (OVH)
8	2606:4700:30:... 2606:4700:30::6812:3907	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:850d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681c:1c04	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.139.242.29 151.139.242.29	12989 (HWNG) (HWNG)
2	94.23.73.212 94.23.73.212	16276 (OVH) (OVH)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::6812:3807	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
10	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.30.76.113 52.30.76.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.194.2 151.101.194.2	54113 (FASTLY) (FASTLY - Fastly)
1 3	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	54.154.175.204 54.154.175.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
104	35

5 188.165.2.137 (France)

ASN16276 (OVH, FR)

raovat.4umer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:30::681f:566a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

illiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.120.193 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.33.44.177 (France)

ASN16276 (OVH, FR)

raovat.tuoitrevn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:30::6812:3907 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:850d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hitsk.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:1c04 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

crrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (Dallas, United States)

ASN12989 (HWNG, NL)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.73.212 (France)

ASN16276 (OVH, FR)

raovat.4umer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:3807 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i97.servimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.76.113 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-76-113.eu-west-1.compute.amazonaws.com

b.a2gw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.51 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.154.175.204 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	illiweb.com illiweb.com	43 KB
10	viglink.com cdn.viglink.com api.viglink.com	33 KB
10	doubleclick.net securepubads.g.doubleclick.net	262 KB
9	servimg.com i.servimg.com i97.servimg.com	52 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	147 KB
7	googletagservices.com www.googletagservices.com	145 KB
7	4umer.com raovat.4umer.com	161 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	110 B
5	imgur.com i.imgur.com	61 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	google.de adservice.google.de	528 B
3	criteo.net static.criteo.net	26 KB
2	facebook.net connect.facebook.net	60 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	taboola.com cdn.taboola.com	122 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	dmca.com images.dmca.com	5 KB
1	a2gw.com b.a2gw.com
1	facebook.com staticxx.facebook.com
1	youtube.com www.youtube.com
1	criteo.com bidder.criteo.com	213 B
1	crrepo.com crrepo.com	138 KB
1	hitsk.in hitsk.in	1013 B
1	tuoitrevn.net raovat.tuoitrevn.net	27 KB
1	google.com www.google.com	546 B
1	jquery.com code.jquery.com	32 KB
1	rawgit.com cdn.rawgit.com	7 KB
104	28

	Domain	Requested by
12	illiweb.com	raovat.4umer.com code.jquery.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net raovat.4umer.com
8	i.servimg.com	raovat.4umer.com
7	api.viglink.com	cdn.viglink.com raovat.4umer.com
7	www.googletagservices.com	raovat.4umer.com securepubads.g.doubleclick.net
7	fonts.gstatic.com	static.criteo.net raovat.4umer.com
7	raovat.4umer.com	raovat.4umer.com code.jquery.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net
5	i.imgur.com	raovat.4umer.com static.criteo.net
3	b.scorecardresearch.com	1 redirects cdn.taboola.com raovat.4umer.com
3	cdn.viglink.com	raovat.4umer.com
3	adservice.google.de	www.googletagservices.com
3	static.criteo.net	raovat.4umer.com
2	connect.facebook.net	raovat.4umer.com connect.facebook.net
2	www.google-analytics.com	raovat.4umer.com
2	cdn.taboola.com	raovat.4umer.com cdn.taboola.com
2	fonts.googleapis.com	raovat.4umer.com code.jquery.com
2	maxcdn.bootstrapcdn.com	raovat.4umer.com
2	images.dmca.com	raovat.4umer.com
1	pagead2.googlesyndication.com	raovat.4umer.com
1	b.a2gw.com	securepubads.g.doubleclick.net
1	staticxx.facebook.com	connect.facebook.net
1	www.youtube.com	raovat.4umer.com
1	i97.servimg.com	raovat.4umer.com
1	www.gstatic.com	www.google.com
1	bidder.criteo.com	static.criteo.net
1	crrepo.com	raovat.4umer.com
1	hitsk.in	raovat.4umer.com
1	raovat.tuoitrevn.net	raovat.4umer.com
1	www.google.com	raovat.4umer.com
1	code.jquery.com	raovat.4umer.com
1	cdn.rawgit.com	raovat.4umer.com
104	32

This site contains links to these domains. Also see Links.

Domain
www.forumotion.com
raovat.tuoitrevn.net
www.tapatalk.com
hocluat.vn
www.nhadatdongnai.co
www.bandatnenbaria.vn
goo.gl
www.meovatcs.com
www.tuoitrevn.net
www.dmca.com
www.thoang.net
www.forumvi.com
help.forumotion.com
www.sosblog.com

Subject Issuer	Validity	Valid
rawgit.com COMODO RSA Domain Validation Secure Server CA	`2018-12-29` - `2020-01-13`	a year	crt.sh
illiweb.com CloudFlare Inc ECC CA-2	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
servimg.com CloudFlare Inc ECC CA-2	`2018-10-19` - `2019-10-19`	a year	crt.sh
sni165043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-04-12` - `2019-10-19`	6 months	crt.sh
sni110177.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-04-01` - `2019-10-08`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.a2gw.com Amazon	`2018-10-22` - `2019-11-22`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://raovat.4umer.com/t138860-topic
Frame ID: F96D2E34DE23CA50D9DA8BA027E8966B
Requests: 75 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 90413D3F95B91EA4A20A058AFD7AA2CB
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RwXi0kg8Nd0
Frame ID: 6B9246787E6AF46B6B6E2023ABB0B05C
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 7F615D7B82675A99DAD22E4866F9DCFE
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 61785CC05A891A930FCBB9CECEA33A80
Requests: 7 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 2DD05EA268D3DCB256D37060504CBF9D
Requests: 1 HTTP requests in this frame

Frame: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=1949191653
Frame ID: 271F501143878F64D2EC71840EC5E207
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1
Frame ID: 4B37365EBE6D30F57CA557FC990E4296
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1
Frame ID: B294D70203FC62A81FC77C2D6048CCCA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i
env /^(?:vglnk(?:$|_)|vl_(?:cB|disable)$)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

104
Requests

62 %
HTTPS

54 %
IPv6

28
Domains

32
Subdomains

35
IPs

4
Countries

1426 kB
Transfer

3461 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forumotion.com/

Search URL Search Domain Scan URL

URL: http://raovat.tuoitrevn.net/

Search URL Search Domain Scan URL

URL: https://www.tapatalk.com/groups/diendanraovat1/
Title: Diễn đàn đăng tin rao vặt

Search URL Search Domain Scan URL

URL: https://hocluat.vn/
Title: Học Luật Online

Search URL Search Domain Scan URL

URL: https://www.nhadatdongnai.co/

Search URL Search Domain Scan URL

URL: https://www.bandatnenbaria.vn/du-an-169/#Du-an-Phu-My-Gold-City-My-Xuan
Title: Phú Mỹ Gold City

Search URL Search Domain Scan URL

URL: https://www.bandatnenbaria.vn/du-an-169/
Title: dự án phú mỹ gold city

Search URL Search Domain Scan URL

URL: http://goo.gl/9RaOAl

Search URL Search Domain Scan URL

URL: https://hocluat.vn/wiki/phap-luat/
Title: pháp luật là gì

Search URL Search Domain Scan URL

URL: https://hocluat.vn/wiki/nganh-luat/
Title: ngành luật là gì

Search URL Search Domain Scan URL

URL: https://hocluat.vn/wiki/binh-luan-khoa-hoc-bo-luat-hinh-su-2015/
Title: bình luận khoa học Bộ luật Hình sự 2015

Search URL Search Domain Scan URL

URL: https://hocluat.vn/wiki/cac-toi-pham-ve-chuc-vu/
Title: các tội phạm về chức vụ

Search URL Search Domain Scan URL

URL: https://hocluat.vn/internet-download-manager-idm-full-crack/
Title: idm full crack

Search URL Search Domain Scan URL

URL: https://www.meovatcs.com/
Title: Mẹo vặt cuộc sống

Search URL Search Domain Scan URL

URL: http://www.tuoitrevn.net/sitemap.xml
Title: XML Sitemaps Generator

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=1ac35e80-a59b-49c5-8442-8103d887d699&refurl=http://raovat.4umer.com/t138860-topic
Title:

Search URL Search Domain Scan URL

URL: http://www.tuoitrevn.net/
Title: Tuổi trẻ Việt Nam online

Search URL Search Domain Scan URL

URL: http://www.thoang.net/
Title: Thoang Net

Search URL Search Domain Scan URL

URL: http://www.forumvi.com/
Title: Free forum

Search URL Search Domain Scan URL

URL: https://www.forumvi.com/phpbb
Title: phpBB

Search URL Search Domain Scan URL

URL: https://help.forumotion.com/
Title: Free forum support

Search URL Search Domain Scan URL

URL: http://www.sosblog.com/vi/
Title: Have a free blog with Sosblog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 41

http://connect.facebook.net/vi_VN/sdk.js HTTP 307
https://connect.facebook.net/vi_VN/sdk.js

Request Chain 61

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271310803&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&utmhid=984175447&utmr=-&utmp=%2Ft138860-topic&utmht=1556808803845&utmac=UA-87786621-1&utmcc=__utma%3D84484378.1463190111.1556808804.1556808804.1556808804.1%3B%2B__utmz%3D84484378.1556808804.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=413459697&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271310803&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&utmhid=984175447&utmr=-&utmp=%2Ft138860-topic&utmht=1556808803845&utmac=UA-87786621-1&utmcc=__utma%3D84484378.1463190111.1556808804.1556808804.1556808804.1%3B%2B__utmz%3D84484378.1556808804.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=413459697&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 95

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1556808807073&ns_c=UTF-8&cv=3.1&c8=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&c7=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1556808807073&ns_c=UTF-8&cv=3.1&c8=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&c7=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&c9=

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request t138860-topic Show response
raovat.4umer.com/ 75 KB
22 KB 477ms
431ms Document
text/html 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

188.165.2.137 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

23fa7927abb72fffbbbaaeabe4c62238ae303156d14226ae64d56d75684798aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Host: raovat.4umer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 02 May 2019 00:00:00 GMT
Last-Modified: Thu, 02 May 2019 14:53:21 GMT
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Access-Control-Allow-Origin: *
X-Cache-NE: EXPIRED
Content-Encoding: gzip

GET
H/1.1 200
OK 1-ltr.css
raovat.4umer.com/ 198 KB
68 KB 90ms
70ms Stylesheet
text/css 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/1-ltr.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

188.165.2.137 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

812d081f4ee2fb711db42bc0dc1fb6ea43ab641be367c6056c7af7df84eba5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 00:00:00 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 68854
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4rv1.05.css
cdn.rawgit.com/tuoitrevn/forum/master/ 27 KB
7 KB 93ms
17ms Stylesheet
text/css 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/tuoitrevn/forum/master/4rv1.05.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

4895ea123004a86ed0195e733b973aac213b6ef43487b706a3cda470b32d2322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
rawgit-cache-status: HIT
x-robots-tag: none
server: NetDNA-cache/2.2
etag: W/"d43d62056039bd93b90a9be0ef012667ef89e91d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 4d0ad2d1ba6d272a-FRA
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 302ms
15ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-169d5"
Vary: Accept-Encoding
X-HW: 1556808802.dop011.fr8.t,1556808802.cds011.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32772

GET
H2 200 vi.js Show response
illiweb.com/rs3/44/frm/lang/ 69 KB
16 KB 91ms
23ms Script
application/x-javascript 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/44/frm/lang/vi.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7302ec78f40ce56d85a90fdcb2f659bac0e8bc6ba023dc1e520a58d94adec0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=70799
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: EXPIRED
last-modified: Mon, 25 Feb 2019 09:18:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: EXPIRED
cf-ray: 4d0ad3055b8a2352-FRA
expires: Fri, 01 May 2020 14:53:22 GMT

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 83 KB
25 KB 1120ms
35ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 13:26:35 GMT
Server: nginx
ETag: W/"5c811c0b-14ca7"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Timing-Allow-Origin: *
Expires: Fri, 03 May 2019 14:53:23 GMT

GET
H2 200 jquery.cookie.js Show response
illiweb.com/rs3/44/frm/jquery/cookie/ 1011 B
875 B 86ms
18ms Script
application/x-javascript 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/44/frm/jquery/cookie/jquery.cookie.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 4d0ad3055b882352-FRA
expires: Fri, 01 May 2020 14:53:22 GMT

GET
H2 200 tooltipster.js Show response
illiweb.com/rs3/44/frm/mentions/ 17 KB
5 KB 86ms
18ms Script
application/x-javascript 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/44/frm/mentions/tooltipster.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
last-modified: Mon, 04 Apr 2016 09:44:06 GMT
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 4d0ad3055b8c2352-FRA
expires: Fri, 01 May 2020 14:53:22 GMT

GET
H2 200 init.js Show response
illiweb.com/rs3/44/frm/mentions/ 668 B
404 B 88ms
21ms Script
application/x-javascript 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/44/frm/mentions/init.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f54301c324d81a1d069061f8932c853d1ac44fdc77298340743310ec32c4aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
last-modified: Mon, 15 Feb 2016 11:25:26 GMT
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 4d0ad3055b872352-FRA
expires: Fri, 01 May 2020 14:53:22 GMT

GET
H2 200 FAToolbar.js Show response
illiweb.com/rs3/44/frm/jquery/toolbar/ 23 KB
5 KB 87ms
20ms Script
application/x-javascript 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/44/frm/jquery/toolbar/FAToolbar.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
last-modified: Wed, 27 Feb 2019 15:12:05 GMT
x-xss-protection: 1; mode=block
x-cache-ne: HIT
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 4d0ad3055b8b2352-FRA
expires: Fri, 01 May 2020 14:53:22 GMT

GET
H2 200 tooltipster.css
illiweb.com/rs3/44/frm/mentions/ 6 KB
1 KB 87ms
19ms Stylesheet
text/css 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://illiweb.com/rs3/44/frm/mentions/tooltipster.css

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=6667
status: 200
cf-bgj: minify
x-xss-protection: 1; mode=block
x-cache-ne: HIT
last-modified: Tue, 09 Feb 2016 14:16:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache-pr: HIT
cf-ray: 4d0ad3055b862352-FRA
expires: Fri, 01 May 2020 14:53:22 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
546 B 26ms
16ms Script
text/javascript 2a00:1450:4001:81a::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

fd13440af38cdc0d0c6f12de9da5022672b69a9e7d3039e23794377cc696558f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 448
x-xss-protection: 1; mode=block
expires: Thu, 02 May 2019 14:53:22 GMT

GET
H/1.1 200
OK / Show response
raovat.4umer.com/ 166 KB
33 KB 512ms
393ms Script
text/html 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

188.165.2.137 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

f4b71c33ac6ac5b9d76b3dd1ae788431afd678b97666ab0a817ea122e7f326fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 14:53:22 GMT
Vary: User-Agent
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
X-Cache-NE: EXPIRED
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 0; mode=block
Expires: Thu, 02 May 2019 00:00:00 GMT

GET
H2 200 An5Xcra.png
i.imgur.com/ 37 KB
38 KB 1490ms
46ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/An5Xcra.png
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 1ccb56e3c58fce6511ad69d71f3a78357043b451270ee13643a32a118899c36c

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
age: 1387224
x-cache: HIT, HIT
status: 200
content-length: 38276
x-served-by: cache-bwi5130-BWI, cache-cdg20733-CDG
last-modified: Sat, 31 Dec 2016 13:13:08 GMT
server: cat factory 1.0
x-timer: S1556808804.520088,VS0,VE1
etag: "46b1d7a1e07966ba4047ff809e372962"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK Rgfgq0K.png
i.imgur.com/ 15 KB
16 KB 15106ms
22ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/Rgfgq0K.png
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: f7fd8cd273315dba176575ac928c7d93c1bd685ad93a4f8e3d0a917917b0988f

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:37 GMT
Age: 3915889
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 15476
X-Served-By: cache-bwi5134-BWI, cache-cdg20750-CDG
Last-Modified: Wed, 04 Jul 2018 00:59:42 GMT
Server: cat factory 1.0
X-Timer: S1556808817.159135,VS0,VE1
ETag: "69676af8e16ca3a56100e89af6b14b7c"
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 3, 1

GET
H2 200 empty.gif
illiweb.com/fa/ 42 B
117 B 15ms
10ms Image
image/gif 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/empty.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 42
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30c78af2352-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 qMsm6Ul.gif
i.imgur.com/ 599 B
781 B 311ms
69ms Image
image/gif 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/qMsm6Ul.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 5b9015044ce252559ccbb0cd794d03c995a50f84884b2019293782fb7fe8874f

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
age: 11395206
x-cache: HIT, HIT, HIT
status: 200
content-length: 599
x-served-by: cache-iad2145-IAD, cache-bwi5147-BWI, cache-cdg20733-CDG
last-modified: Tue, 10 Jan 2017 00:45:57 GMT
server: cat factory 1.0
x-timer: S1556808804.520133,VS0,VE1
etag: "52006aa92820afcff6d2236b88332f5c"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1, 1

GET
H/1.1 200
OK avatar10.png
raovat.tuoitrevn.net/users/3517/21/16/80/avatars/gallery/ 26 KB
27 KB 811ms
74ms Image
image/png 178.33.44.177
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://raovat.tuoitrevn.net/users/3517/21/16/80/avatars/gallery/avatar10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

178.33.44.177 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

690a9c5e2ba9f5cfb4bb225bf84b658d899b75825472da0851845edb636463dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 02 Jan 2017 05:24:04 GMT
ETag: "5869e3f4-692c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 26924
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_www.gif
illiweb.com/fa/subsilver/ 733 B
810 B 20ms
14ms Image
image/gif 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/subsilver/icon_www.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02be12aef9119686fd59cb18175cb585e21e46a6aa5ec6b10074e6dd37476eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 733
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30c78b02352-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 default2.gif
illiweb.com/itest/ranks/default/ 1 KB
1 KB 13ms
8ms Image
image/gif 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/itest/ranks/default/default2.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea9767f3e2c171b55a01fd5da2da5ce658ae3f4e3b6c49cee0659bb38237f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 1176
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Jan 2005 00:00:00 GMT
server: cloudflare
etag: "41d5e800-498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30c78b12352-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 icon_n10.gif
i.servimg.com/u/f97/19/54/42/12/ 348 B
786 B 65ms
11ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/icon_n10.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84193816087e802c9209355842e4d99b9dc73cea9179921c8070da4dcc139b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 348
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 19:43:10 GMT
server: cloudflare
etag: "57e828ce-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30ccec4c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 page-w10.png
i.servimg.com/u/f18/15/64/85/86/ 618 B
727 B 66ms
13ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f18/15/64/85/86/page-w10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da281a874974bf0c9518ccd03db9c96e1f69bfbb72ad62bee649c400d97e4899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 618
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Jun 2015 04:03:43 GMT
server: cloudflare
etag: "5580f19f-26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30ccec9c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 ti_xui11.png
i.servimg.com/u/f97/19/54/42/12/ 368 B
469 B 13ms
8ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/ti_xui11.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca20cfedac5fd9258f9f8355b713ae92a640b2ebdd2b048182e0b7eafa1a9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 368
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 13:00:59 GMT
server: cloudflare
etag: "57e7ca8b-170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30cdef5c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 award-10.png
i.servimg.com/u/f18/19/08/54/77/ 743 B
844 B 11ms
6ms Image
image/png 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f18/19/08/54/77/award-10.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0035ed075d597ffa4dc9deb3f28776a1d13d337daa1f6be413f13cb51f7dd0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 743
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Jun 2015 03:46:13 GMT
server: cloudflare
etag: "5580ed85-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30cdef7c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 nameic12.gif
i.servimg.com/u/f97/19/54/42/12/ 428 B
529 B 12ms
7ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/nameic12.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90e83f9812d4235e44151847751420c1b53a05a31415446dd467c85720f6e143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 428
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 12:48:28 GMT
server: cloudflare
etag: "57e7c79c-1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30cdef9c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 eiopMXR.gif
i.imgur.com/ 224 B
515 B 201ms
23ms Image
image/gif 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/eiopMXR.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 2c7a8b34d05698985a9c135034620a43a47bb11b9701867465b4909327f018a3

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
age: 4367760
x-cache: HIT, HIT
status: 200
content-length: 224
x-served-by: cache-bwi5121-BWI, cache-cdg20733-CDG
last-modified: Thu, 03 Sep 2015 04:53:14 GMT
server: cat factory 1.0
x-timer: S1556808804.520110,VS0,VE1
etag: "f302813cec860fbe4bf53bd77f9346d3"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 i_icon_gender_male.gif
hitsk.in/t/13/01/69/ 575 B
1013 B 208ms
126ms Image
image/gif 2606:4700:30::681b:850d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hitsk.in/t/13/01/69/i_icon_gender_male.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:850d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

235d503d44efda2814ec2bceae1626390f3c7c8b57bfec42531b927de266758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 575
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2010 16:39:19 GMT
server: cloudflare
etag: "4cc855b7-23f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30d69059736-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 nameic13.gif
i.servimg.com/u/f97/19/54/42/12/ 426 B
526 B 22ms
19ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/54/42/12/nameic13.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2a88a252ab5dce2170fff4889f744b5a4943b2863b220a96fec7aa9d0bae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 12:51:14 GMT
server: cloudflare
etag: "57e7c842-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30cef26c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 house-10.gif
i.servimg.com/u/f97/19/01/75/14/ 466 B
567 B 11ms
9ms Image
image/gif 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f97/19/01/75/14/house-10.gif

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5384a3023793ef64f078ec77235f40a8cb0fe8aa2dfd04fbbbbaf6e292da18c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 466
x-xss-protection: 1; mode=block
last-modified: Sun, 25 Sep 2016 13:45:43 GMT
server: cloudflare
etag: "57e7d507-1d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30cef27c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 edbcd07bd1a3abcf0a449c0cac4f8ed0_2761.gif
crrepo.com/extban/110860620/creatives/22412118/ 138 KB
138 KB 374ms
256ms Image
image/gif 2606:4700:30::681c:1c04
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crrepo.com/extban/110860620/creatives/22412118/edbcd07bd1a3abcf0a449c0cac4f8ed0_2761.gif
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1c04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2277d479b455f41e7f14f8f2c73868eb304c6cf80cd5dcb7e54ff868fc2ce71e

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Tue, 24 Jul 2018 11:35:47 GMT
server: cloudflare
etag: W/"5b570f13-226ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=14400
cf-ray: 4d0ad30d9a2a96da-FRA
expires: Thu, 02 May 2019 18:53:23 GMT

GET
H2 200 lky9lf10.jpg
i.servimg.com/u/f37/19/52/31/91/ 45 KB
45 KB 22ms
19ms Image
image/jpeg 2606:4700:30::6812:3907
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.servimg.com/u/f37/19/52/31/91/lky9lf10.jpg

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:3907 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ea9b0f35d57e898e1761b34d5b9d019df3201b0d027908cd02d0656c2960d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 45626
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Jan 2017 05:44:40 GMT
server: cloudflare
etag: "586f2ec8-b23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30cef28c286-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H/1.1 200
OK 21489.js Show response
raovat.4umer.com/ 16 KB
6 KB 70ms
65ms Script
application/x-javascript 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/21489.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

188.165.2.137 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

166361649cb058cd61e6f87d19a0b47a859deb79a17396c59d8dd9b1c661bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Jul 2017 17:28:09 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 6097
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dmca_protected_sml_120w.png
images.dmca.com/Badges/ 3 KB
3 KB 78ms
18ms Image
image/png 151.139.242.29
HWNG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.dmca.com/Badges/dmca_protected_sml_120w.png?ID=57b6ebc2-7a41-4eae-90fc-44e5f9c3d8d2
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / ASP.NET
Resource Hash: 10dfcb598d3dd6c0f995f34de110a0612d6e68ee3f9928bcbe1f348084f0d9bf

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:23 GMT
Server: NetDNA-cache/2.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Link: <http://dmca-images.cloudapp.net/Badges/dmca_protected_sml_120w.png>; rel="canonical"
Content-Length: 3173
Expires: Sat, 01 Jun 2019 14:53:23 GMT

GET
H/1.1 200
OK DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 852 B
1 KB 179ms
17ms Script
application/zip 151.139.242.29
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / ASP.NET
Resource Hash: 8464f9a28062d00fd300538f9e93fad38faa64b9751db49b28911b9b6cceafdd

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:52:33 GMT
Server: NetDNA-cache/2.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Cache: HIT
Content-Type: application/zip
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Link: <http://dmca-images.cloudapp.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
Content-Length: 852
Expires: Sat, 01 Jun 2019 14:52:33 GMT

GET
H/1.1 200
OK 11971.js Show response
raovat.4umer.com/ 53 KB
14 KB 127ms
89ms Script
application/x-javascript 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/11971.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

94.23.73.212 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

0f79bc31608a9b96c72b0ee909ff9f38bde39915d513f339cb495971aa7e440a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jul 2017 22:06:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 13664
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 33735.js Show response
raovat.4umer.com/ 10 KB
4 KB 127ms
62ms Script
application/x-javascript 188.165.2.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/33735.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

188.165.2.137 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

f2b57c5797018dd0ef9c1c8386ef46d1d27c13ea0615617ffd6e7012074e6948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Apr 2019 12:52:15 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
X-Cache-NE: EXPIRED
Content-Length: 3960
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 68ms
28ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:35:20 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639720"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 7050

GET
H2 200 css
fonts.googleapis.com/ 7 KB
735 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 May 2019 14:53:22 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 02 May 2019 14:53:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:22 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/forforumotion-vi/ 65 KB
18 KB 1071ms
14ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22890030f40e00ad7694aa78f140c1f08f22451838a4dad8fc2e85337f242a31

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: W8GE.fTs1Kqc3AtjlQnJ4bNzkxqA3w48
Content-Encoding: gzip
Age: 17061
X-Cache: HIT
Date: Thu, 02 May 2019 14:53:24 GMT
Connection: keep-alive
Content-Length: 17794
x-amz-id-2: C+DUUeisfXKH8EEjItANpppFhB8Ivhd5meE9k4nXZzm25Tnaxd509YmjMUf3FhQvh4uOio40kWE=
X-Served-By: cache-hhn1549-HHN
Last-Modified: Thu, 02 May 2019 09:48:01 GMT
Server: AmazonS3
X-Timer: S1556808804.475057,VS0,VE1
ETag: "f88cb980b1f7ea74af069529046c5d43"
Vary: Accept-Encoding
x-amz-request-id: 142EFC990CC19E80
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 68
X-Cache-Hits: 1

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
213 B 64ms
28ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=65&profileId=206&cb=60637562514
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: http://raovat.4umer.com
Date: Thu, 02 May 2019 14:53:22 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Timing-Allow-Origin: *
Vary: Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1555968629716/ 262 KB
91 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1555968629716/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

783d5189b19fa69b9ca77a4487cf52cc8b0fb3d38762894d18efd5e31bb40fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 17:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 22:45:00 GMT
server: sffe
age: 682517
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 93489
x-xss-protection: 0
expires: Thu, 23 Apr 2020 17:18:06 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

16ms
7ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1044
date: Thu, 02 May 2019 14:35:59 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17168
expires: Thu, 02 May 2019 16:35:59 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2

200

sdk.js Show response
connect.facebook.net/vi_VN/
Redirect Chain

http://connect.facebook.net/vi_VN/sdk.js
https://connect.facebook.net/vi_VN/sdk.js

3 KB
2 KB

21ms
12ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4265bef2c2165dc515856027e5dfd765c1a59136fe9c4e4194dee86bb7a9722b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HtFOeEfE3Vjwy1v6mPB/hA==
status: 200
date: Thu, 02 May 2019 14:53:23 GMT
vary: Accept-Encoding
content-length: 1778
x-fb-debug: 6majuZ5FKmfP0ZBB+9BegWB8heG8mF0XBRJm0Q7YPu1PZbWyXDAR0m0CoOcI2c774P6362pWrFNxOCm5BYe4mA==
x-fb-content-md5: 55b58d7630d7f48d74fed339ae3aa861
etag: "f3a1b95dc16ebacd5e036567b6b57539"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 May 2019 15:00:02 GMT

Redirect headers

Location: https://connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason: HSTS

GET
H2 200 jOYlpgu.gif
i.imgur.com/ 7 KB
7 KB 107ms
24ms Image
image/gif 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/jOYlpgu.gif
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: b844a2bb8061f0b3382e300f63fb07d62a08cca0d9eceb0c995ddc2b118fc062

Request headers

Referer: http://raovat.4umer.com/1-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
age: 113111
x-cache: HIT, HIT
status: 200
content-length: 6742
x-served-by: cache-bwi5151-BWI, cache-cdg20733-CDG
last-modified: Sun, 18 Dec 2016 03:25:11 GMT
server: cat factory 1.0
x-timer: S1556808804.520061,VS0,VE1
etag: "cd76b72c9113ceddde33e39a44af1fa4"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:20:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 3263603
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v19/ 8 KB
8 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:20:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:19 GMT
server: sffe
age: 3263581
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7924
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v19/ 8 KB
8 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:22:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:43 GMT
server: sffe
age: 3263481
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8024
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:22:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:19:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 3263611
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:52 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 3090ms
28ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:26 GMT
Last-Modified: Tue, 09 Dec 2008 16:52:36 GMT
Server: nginx
ETag: "493ea254-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 26 Apr 2020 14:53:26 GMT

GET
H/1.1 200
OK pixel.gif
static.criteo.net/images/ 43 B
400 B 3120ms
28ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:26 GMT
Last-Modified: Tue, 09 Dec 2008 16:52:36 GMT
Server: nginx
ETag: "493ea254-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 26 Apr 2020 14:53:26 GMT

GET
H/1.1 200
OK logos12.png
i97.servimg.com/u/f97/18/91/53/88/ 2 KB
3 KB 69ms
15ms Image
image/png 2606:4700:30::6812:3807
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i97.servimg.com/u/f97/18/91/53/88/logos12.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

HTTP/1.1

Server

2606:4700:30::6812:3807 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6d42f3670bd140d05899fd0bc6161882da3f9fb4173f241148836279fa5477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:23 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Connection: keep-alive
Content-Length: 2148
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 28 Sep 2016 12:33:52 GMT
Server: cloudflare
ETag: "57ebb8b0-864"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 4d0ad30e6b2a96aa-FRA
Expires: Fri, 01 May 2020 14:53:23 GMT

GET
H2 200 icon_user_online_en.png
illiweb.com/fa/prosilver/ 354 B
463 B 35ms
10ms Image
image/png 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/prosilver/icon_user_online_en.png

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afdf47418c7cc1acb6a43bf303ce2928e43f4a4269db313e55319374750ab3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/1-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 354
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 11:00:38 GMT
server: cloudflare
etag: "5739a856-162"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad30d99842352-FRA
expires: Fri, 01 May 2020 14:53:23 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 1095ms
43ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://raovat.4umer.com

Response headers

Date: Thu, 02 May 2019 14:53:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:36:18 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639778"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff2
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 77171

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 18ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:20:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:42 GMT
server: sffe
age: 3263583
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:20 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9041 33 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d22e52d55524c19dd98978fa59b86105107bf7a4f9b3aff7530bfa372bad9d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "153 / 749 of 1000 / last-modified: 1556624295"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10704
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:23 GMT

GET
H2 200 RwXi0kg8Nd0
www.youtube.com/embed/ Frame 6B92 0
0 183ms
138ms Document
text/html 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RwXi0kg8Nd0

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/RwXi0kg8Nd0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://raovat.4umer.com/t138860-topic
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic

Response headers

status: 200
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 EST
cache-control: no-cache
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Thu, 02 May 2019 14:53:23 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=d3yvPxjsRug; path=/; domain=.youtube.com; expires=Tue, 29-Oct-2019 14:53:23 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 02-May-2019 15:23:23 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 01-Jan-2020 02:46:23 GMT YSC=Ui42hAgG_MM; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=d3yvPxjsRug; path=/; domain=.youtube.com; expires=Tue, 29-Oct-2019 14:53:23 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v19/ 3 KB
3 KB 17ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:29:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:40 GMT
server: sffe
age: 3263037
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3384
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:29:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v19/ 3 KB
3 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,vietnamese
Origin: http://raovat.4umer.com

Response headers

date: Mon, 25 Mar 2019 20:41:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:12 GMT
server: sffe
age: 3262336
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3352
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:41:07 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7F61 32 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a0babd60ec1d545ccfb6524bbe0c7bc9aa9d6f80844649d0f17601e8da525b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "153 / 16 of 1000 / last-modified: 1556624275"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10569
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6178 32 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

633651509d699afb23d98c4802604412f8941cda898702a5417d9061c6cf0907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "153 / 36 of 1000 / last-modified: 1556624275"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10570
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:23 GMT

GET
H2 200 pubads_impl_2019043001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9041 150 KB
55 KB 52ms
51ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

e7b43567491c251c9cd052c69fe953de1b1e8a86ad15fafc20692b513bc4e49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 10:44:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55804
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:23 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 9041 113 B
178 B 18ms
17ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271310803&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ph%C...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271310803&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ph%...

35 B
101 B

35ms
14ms

Image
image/gif

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271310803&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&utmhid=984175447&utmr=-&utmp=%2Ft138860-topic&utmht=1556808803845&utmac=UA-87786621-1&utmcc=__utma%3D84484378.1463190111.1556808804.1556808804.1556808804.1%3B%2B__utmz%3D84484378.1556808804.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=413459697&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2019 14:53:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1271310803&utmhn=raovat.4umer.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&utmhid=984175447&utmr=-&utmp=%2Ft138860-topic&utmht=1556808803845&utmac=UA-87786621-1&utmcc=__utma%3D84484378.1463190111.1556808804.1556808804.1556808804.1%3B%2B__utmz%3D84484378.1556808804.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=413459697&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 194 KB
58 KB 17ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=1cd5d6df8af70c8e2c9a8636aeaec8dc&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

24288187338d0ec227c79bf32788eba753a85b7cbb42c897d4d514d72585cb5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aXSekjiXcTFvbKu1BUgXHg==
status: 200
date: Thu, 02 May 2019 14:53:23 GMT
vary: Accept-Encoding
content-length: 59042
x-fb-debug: HsCJN7jE40PO9AFr6EIleBrJmXgPWuAikeHE0Vv8R8OejzE94zu6tSBBmJptN4Ncyc8zGSXsAc6sJzpsxpIpig==
x-fb-content-md5: 261aa16f5abfc4a749037337aa8fb660
etag: "f34e53e14f111a0a2b5d90d87a6ea1a8"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 01 May 2020 12:37:59 GMT

GET
H2 200 pubads_impl_2019042601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7F61 150 KB
55 KB 139ms
46ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

712c9d428ed763b8dcc806164db50f61c05d6ed818ff65b1c3081f79cf6cf87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2019 15:03:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55747
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:24 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 7F61 113 B
175 B 109ms
16ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H2 200 pubads_impl_2019042601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6178 150 KB
55 KB 129ms
45ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

712c9d428ed763b8dcc806164db50f61c05d6ed818ff65b1c3081f79cf6cf87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2019 15:03:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55747
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:24 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 6178 113 B
175 B 98ms
16ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=raovat.4umer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK h5- Show response
raovat.4umer.com/ 48 KB
14 KB 329ms
281ms XHR
text/html 94.23.73.212
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://raovat.4umer.com/h5-?_=1556808802404

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

HTTP/1.1

Server

94.23.73.212 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

bebb2cbe9bfaeaeec6044f278102e8db469aa3fc22d4f6d35d368b31f3f62a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://raovat.4umer.com/t138860-topic
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 May 2019 14:53:24 GMT
Vary: User-Agent
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-Cache-NE: MISS
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 0; mode=block
Expires: Thu, 02 May 2019 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9041 3 KB
2 KB 247ms
241ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1920976649855909&correlator=3827898414888904&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21063689%2C21062068%2C21062454%2C21063202%2C21063506&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F1150267%2FEtoxicSarl_2019_728x90&sz=728x90&eri=6&cookie_enabled=1&bc=7&lmt=1556808804&dt=1556808804073&dlt=1556808803550&idt=485&ea=0&frm=23&biw=1585&bih=1200&isw=-12245933&ish=-12245933&oid=3&adk=442451065&uci=5ya1o65ow2v&ifi=1&ifk=3343949525&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1463190111.1556808804&ga_sid=1556808804&ga_hid=1465126360&ga_fc=true&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

35798ba258c03b2ec9cd20d4e050f10e45f7e9eb628488f8012f4ccf76a7dd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1677
x-xss-protection: 0
google-lineitem-id: 227269977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 80630180577
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019043001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9041 71 KB
27 KB 53ms
48ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

12a0b01fda65dafdfecf773d1e3882c97a31562463aef37b93ece475f3412033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 10:44:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27457
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:24 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 9041 0
0 18ms
6ms Other
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 77 KB
27 KB 76ms
21ms Script
text/javascript 2606:4700::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e393d6f1feb159d634dbe38eb81cb057690e4527b4013840a45ebd1fd6af82b7

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:24 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: 9E9F7C6E2848CAFB
Connection: keep-alive
Content-Length: 27314
x-amz-id-2: 5yB/bidIK0cFp8tUXjE3dtVylTL3kJxcV36OzbFraAf51FI59/EQB7qbTiyQEkZTLTDw+1Zacjw=
Last-Modified: Thu, 28 Mar 2019 16:24:04 GMT
Server: cloudflare
ETag: "4909064365a1c78485fece2784ca6033"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
CF-RAY: 4d0ad3122be863a1-FRA
Expires: Thu, 02 May 2019 15:23:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
824 B 80ms
31ms Font
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3bdf088be2b4dd5a29e7d782a66a3728d5a1cbd0c6779855f9ffd9b61ae44389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 May 2019 14:53:24 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 02 May 2019 14:53:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:24 GMT

GET
H2 200 toolbar.png
illiweb.com/fa/i/toolbar/ 11 KB
11 KB 11ms
11ms Image
image/png 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/i/toolbar/toolbar.png

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/1-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 11066
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:44 GMT
server: cloudflare
etag: "57398624-2b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad312bcbf2352-FRA
expires: Fri, 01 May 2020 14:53:24 GMT

GET
H2 200 pa0.png
illiweb.com/fa/i/toolbar/ 1 KB
1 KB 15ms
9ms Image
image/png 2606:4700:30::681f:566a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://illiweb.com/fa/i/toolbar/pa0.png

Requested by

Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:566a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat.4umer.com/1-ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 1087
x-xss-protection: 1; mode=block
last-modified: Mon, 16 May 2016 08:34:43 GMT
server: cloudflare
etag: "57398623-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4d0ad312bcc22352-FRA
expires: Fri, 01 May 2020 14:53:24 GMT

GET
H2 200 d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2DD0 0
0 18ms
16ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=1cd5d6df8af70c8e2c9a8636aeaec8dc&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://raovat.4umer.com/t138860-topic
accept-encoding: gzip, deflate, br
cookie: fr=0H7avfV82HUQUI6uT..BcywRk...1.0.BcywRk.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Thu, 30 Apr 2020 21:01:15 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 7GNBA6K451pwbIwNfSHsSwRuoCEa+LcW2LZAecsU0AHOQmP99EOXLgvLZFRM9u5lkALGp3tlqARoLuMAEmplKw==
content-length: 10984
date: Thu, 02 May 2019 14:53:24 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 9041 0
57 B 30ms
28ms Fetch
image/gif 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLBU1tWpZZB4ygVWLKm_ZCRK4n7ctcxbUEv0mp8Z4wdoQtI7PpWNnh6yKtUrSXVttWghZ9TjdBp-gG8n5JYS5S49rppK4IL421k7-cNY0Ku7pMEGX90b-pIpsPYiG_ZZxcr8RqzrpX0-_oVP8ZlucEzaG4zWVe21wb2nkgLANsTZHoaQSVj8QkI-xseR1yrndiyEocjsQHTUJkbjP5Q1FV7GOkUPZ7t4RgDu8Ll3vMKovwhQpjHAzJkmxJLwkoKSrEYhiMkWxd4Q&sai=AMfl-YQbFjMCPB6-1FDDyMJ2Ke7PORoSBVHeDhDh7giFaWRC6rCiMtgU3fuHU6h1PyN9hCSCuYS7QnkIdHCqYfRpglT_ArTME0TZNC3juTJqkq3WuC2i4k0PDYulFw56&sig=Cg0ArKJSzDGfcxiy5NwPEAE&urlfix=1&adurl=

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 May 2019 14:53:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK banner
b.a2gw.com/ Frame 271F 0
0 1229ms
38ms Document
text/html 52.30.76.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://b.a2gw.com/banner?dfp=21773487228&cw=728&ch=90&_cb=1949191653
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.76.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-76-113.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Host: b.a2gw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://raovat.4umer.com/t138860-topic
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 02 May 2019 14:53:26 GMT
Expires: 0
Server: nginx/1.14.1
Content-Length: 281
Connection: keep-alive

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9041 76 KB
28 KB 48ms
37ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1556617735866586"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28690
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:24 GMT

GET
H/1.1 200
OK osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9041 76 KB
28 KB 69ms
44ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7152dcb01b90c6ed422e5fbf423b3b692320c5070f5c42be9ec4cabf1d936987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1556617735866586"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 28664
X-XSS-Protection: 0
Expires: Thu, 02 May 2019 14:53:24 GMT

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
543 B 34ms
23ms Image
image/gif 2606:4700::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=4.4236386970794035
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:25 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
x-amz-request-id: FC48266EBFBBED1E
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4d0ad317adfdc2ef-FRA
Content-Length: 43
x-amz-id-2: ZYt0XCJT7TDkEZxleonR2vevsXdGlubVX+eAuuuJz1VDiWmEkPWx+T5VJrqeKqvnN7PBuAS9jqI=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
543 B 36ms
27ms Image
image/gif 2606:4700::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=4.4236386970794035
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:25 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
x-amz-request-id: FC48266EBFBBED1E
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4d0ad317adffc2ef-FRA
Content-Length: 43
x-amz-id-2: ZYt0XCJT7TDkEZxleonR2vevsXdGlubVX+eAuuuJz1VDiWmEkPWx+T5VJrqeKqvnN7PBuAS9jqI=

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6178 15 KB
8 KB 253ms
247ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=247166242141516&correlator=1762937544650725&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21062456%2C21063500%2C21063505&vrg=2019042601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie=ID%3Dec4c6aa0c0defc00%3AT%3D1556808804%3AS%3DALNI_MaCAb2zXEviKQzxM8QNUFyW8aG25Q&bc=7&lmt=1556808805&dt=1556808805530&dlt=1556808803758&idt=1448&ea=0&frm=23&biw=1585&bih=1200&isw=-12245933&ish=-12245933&oid=3&adk=3480591353&uci=2x4rand2s1g2&ifi=1&ifk=3343949525&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1463190111.1556808804&ga_sid=1556808804&ga_hid=349190327&ga_fc=true&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

5f21c423bd894da9935a21e7f2377eeea9ee7827523d6d895952338fef3d7528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8092
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019042601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6178 71 KB
27 KB 49ms
48ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019042601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

de73f32bb4477b4ee5db462c75708795835fbb0e3c1de9834103f9dbc6b6d2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2019 15:03:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27335
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:25 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 6178 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7F61 16 KB
8 KB 309ms
308ms XHR
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3372440815881131&correlator=1161523044871302&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21061863%2C21062151%2C21062452%2C21062818%2C21062887%2C21063016%2C21063158%2C21063606&vrg=2019042601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F1150267%2FEtoxicSarl_2019_300x250&sz=300x250&eri=6&cookie=ID%3Dec4c6aa0c0defc00%3AT%3D1556808804%3AS%3DALNI_MaCAb2zXEviKQzxM8QNUFyW8aG25Q&bc=7&lmt=1556808805&dt=1556808805726&dlt=1556808803746&idt=1866&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=461&ady=2957&adk=3480591353&uci=2p8v1p53cqbb&ifi=1&ifk=4149713805&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&top=raovat.4umer.com&dssz=2&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1463190111.1556808804&ga_sid=1556808804&ga_hid=1571213115&ga_fc=true&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

f95139506e20b1dc358e501be86243ebf9c89ec97b99db5792f4df3c7c2e9ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com

Response headers

date: Thu, 02 May 2019 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8268
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://raovat.4umer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019042601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7F61 71 KB
27 KB 52ms
51ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019042601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

de73f32bb4477b4ee5db462c75708795835fbb0e3c1de9834103f9dbc6b6d2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 May 2019 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2019 15:03:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27335
x-xss-protection: 0
expires: Thu, 02 May 2019 14:53:25 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 7F61 0
0 9ms
7ms Other
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK impl.355-445-RELEASE.js Show response
cdn.taboola.com/libtrc/ 367 KB
104 KB 35ms
16ms Script
application/javascript 151.101.194.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.355-445-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Server: 151.101.194.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80e61c604efb4fd981f5acced457c023f5f6f49dce7f8688674cbacbeed5bffc

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: C7cbObwe26Wb4wspUflMFoMgntsZbEoI
Content-Encoding: gzip
Age: 190
X-Cache: HIT
Date: Thu, 02 May 2019 14:53:26 GMT
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 106152
x-amz-id-2: +dXgYobAjtw5hXyDw+hamGKcgFcsX/4f+gHSswdhwdf+/pEGVY+v8S0hmguqpHseyhD+IPBZd5w=
X-Served-By: cache-hhn1523-HHN
Last-Modified: Thu, 02 May 2019 14:50:11 GMT
Server: AmazonS3
X-Timer: S1556808806.007537,VS0,VE0
ETag: "12778e49e1720df71dd9b493905c6441"
Vary: Accept-Encoding
x-amz-request-id: 860B47130BD07D1E
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 12
X-Cache-Hits: 3191

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 1082ms
31ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/forforumotion-vi/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.51 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Fri, 03 May 2019 14:53:27 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 4B37 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019042601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://raovat.4umer.com/t138860-topic
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 3444
Date: Thu, 18 Apr 2019 17:59:31 GMT
Expires: Fri, 17 Apr 2020 17:59:31 GMT
Last-Modified: Tue, 16 Apr 2019 19:37:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, immutable, max-age=31536000
Age: 1198435

GET
H/1.1 200
OK osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6178 76 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7152dcb01b90c6ed422e5fbf423b3b692320c5070f5c42be9ec4cabf1d936987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1556617735866586"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 28664
X-XSS-Protection: 0
Expires: Thu, 02 May 2019 14:53:26 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame B294 0
0 7ms
7ms Document
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019042601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://raovat.4umer.com/t138860-topic
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://raovat.4umer.com/t138860-topic

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 3444
Date: Thu, 18 Apr 2019 17:59:31 GMT
Expires: Fri, 17 Apr 2020 17:59:31 GMT
Last-Modified: Tue, 16 Apr 2019 19:37:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, immutable, max-age=31536000
Age: 1198435

GET
H/1.1 200
OK osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F61 76 KB
28 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019042601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7152dcb01b90c6ed422e5fbf423b3b692320c5070f5c42be9ec4cabf1d936987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 02 May 2019 14:53:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1556617735866586"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 28664
X-XSS-Protection: 0
Expires: Thu, 02 May 2019 14:53:26 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 351 B
1 KB 1845ms
41ms XHR
text/javascript 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2524aaec3b85c6856b1712c72e48d3331f3af7d873864a2b9e1c8cfe5af26996

Request headers

Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 351
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1556808807073&ns_c=UTF-8&cv=3.1&c8=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A...
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1556808807073&ns_c=UTF-8&cv=3.1&c8=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%...

0
248 B

32ms
31ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1556808807073&ns_c=UTF-8&cv=3.1&c8=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&c7=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&c9=
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 2.16.186.51 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1556808807073&ns_c=UTF-8&cv=3.1&c8=Ph%C3%BA%20M%E1%BB%B9%20Gold%20City%20h%E1%BA%A5p%20d%E1%BA%ABn%20nh%C3%A0%20%C4%91%E1%BA%A7u%20t%C6%B0&c7=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&c9=
Pragma: no-cache
Date: Thu, 02 May 2019 14:53:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9041 42 B
110 B 20ms
15ms Image
image/gif 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvicGraaBhBhkItPsaSeGxpzv4YfB3_rRaZhSh9IHbrjpB2YOkGFFoaXgqu4ji03FyEsq01U9dllqMRTcs7IvlYzjg0LmvVLrfdWy3X9fY&sig=Cg0ArKJSzL80JsvooAYyEAE&adk=442451065&tt=991&bs=1585%2C1200&mtos=1068,1068,1068,1068,1068&tos=1068,0,0,0,0&p=262,429,352,1157&mcvt=1068&rs=3&ht=0&tfs=229&tls=1297&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1556808804924&rpt=1344&isd=0&lm=2&oseid=3&xdi=0&ps=1585%2C3487&ss=1600%2C1200&pt=307&deb=1-1-1-14-11-40-13-10&tvt=1262&is=728%2C90&iframe_loc=http%3A%2F%2Fraovat.4umer.com%2Ft138860-topic&r=v&id=osdim&vs=4&uc=10&upc=0&tgt=DIV&cl=1&cec=5&clc=0&cac=0&cd=0x0&v=20190429

Requested by

Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2019 14:53:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 39ms
38ms Image
text/plain 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?partner_id=lot
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 55 B
502 B 75ms
36ms XHR
text/javascript 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 7fb99552544739e5d8a9810704bc402152e7c4bb712433c8d50ab2c88d554ab4

Request headers

Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:27 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 55
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 117 B
565 B 108ms
39ms XHR
text/javascript 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4b8415450c862d333324b9d4c782b85ee3ab8b92ea7dce343acfa019e7fe00cc

Request headers

Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 117
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 112ms
37ms Image
text/plain 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?partner_id=eyt
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 46ms
39ms XHR
text/html 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://raovat.4umer.com/t138860-topic
Origin: http://raovat.4umer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:28 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://raovat.4umer.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 35ms
34ms Image
text/plain 54.154.175.204
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?partner_id=svn
Requested by: Host: raovat.4umer.com
URL: http://raovat.4umer.com/t138860-topic
Protocol: HTTP/1.1
Server: 54.154.175.204 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-175-204.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat.4umer.com/t138860-topic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2019 14:53:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://raovat.4umer.com/t138860-topic(Line 15) Message: {"w":1600,"h":1200}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.de
api.viglink.com
b.a2gw.com
b.scorecardresearch.com
bidder.criteo.com
cdn.rawgit.com
cdn.taboola.com
cdn.viglink.com
code.jquery.com
connect.facebook.net
crrepo.com
fonts.googleapis.com
fonts.gstatic.com
hitsk.in
i.imgur.com
i.servimg.com
i97.servimg.com
illiweb.com
images.dmca.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
raovat.4umer.com
raovat.tuoitrevn.net
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
151.101.120.193
151.101.194.2
151.101.2.2
151.139.237.11
151.139.242.29
178.250.2.130
178.250.2.152
178.33.44.177
188.165.2.137
2.16.186.51
205.185.208.52
209.197.3.15
216.58.207.34
2606:4700:30::6812:3807
2606:4700:30::6812:3907
2606:4700:30::681b:850d
2606:4700:30::681c:1c04
2606:4700:30::681f:566a
2606:4700::6810:a10d
2606:4700::6810:a40d
2a00:1450:4001:815::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:824::2003
2a00:1450:4001:824::200e
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a03:2880:f02d:12:face:b00c:0:3
52.30.76.113
54.154.175.204
94.23.73.212
0035ed075d597ffa4dc9deb3f28776a1d13d337daa1f6be413f13cb51f7dd0fb
02be12aef9119686fd59cb18175cb585e21e46a6aa5ec6b10074e6dd37476eef
075cc698968c8fabdc079e0f5a8bf11ed379ddb445d0d7caa5085cf67ff12b57
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f79bc31608a9b96c72b0ee909ff9f38bde39915d513f339cb495971aa7e440a
10dfcb598d3dd6c0f995f34de110a0612d6e68ee3f9928bcbe1f348084f0d9bf
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12a0b01fda65dafdfecf773d1e3882c97a31562463aef37b93ece475f3412033
166361649cb058cd61e6f87d19a0b47a859deb79a17396c59d8dd9b1c661bc9f
1ccb56e3c58fce6511ad69d71f3a78357043b451270ee13643a32a118899c36c
20ea9b0f35d57e898e1761b34d5b9d019df3201b0d027908cd02d0656c2960d1
2277d479b455f41e7f14f8f2c73868eb304c6cf80cd5dcb7e54ff868fc2ce71e
22890030f40e00ad7694aa78f140c1f08f22451838a4dad8fc2e85337f242a31
235d503d44efda2814ec2bceae1626390f3c7c8b57bfec42531b927de266758e
23fa7927abb72fffbbbaaeabe4c62238ae303156d14226ae64d56d75684798aa
24288187338d0ec227c79bf32788eba753a85b7cbb42c897d4d514d72585cb5f
2524aaec3b85c6856b1712c72e48d3331f3af7d873864a2b9e1c8cfe5af26996
2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7a8b34d05698985a9c135034620a43a47bb11b9701867465b4909327f018a3
35798ba258c03b2ec9cd20d4e050f10e45f7e9eb628488f8012f4ccf76a7dd39
3bdf088be2b4dd5a29e7d782a66a3728d5a1cbd0c6779855f9ffd9b61ae44389
3f2a88a252ab5dce2170fff4889f744b5a4943b2863b220a96fec7aa9d0bae71
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
4265bef2c2165dc515856027e5dfd765c1a59136fe9c4e4194dee86bb7a9722b
4895ea123004a86ed0195e733b973aac213b6ef43487b706a3cda470b32d2322
4b8415450c862d333324b9d4c782b85ee3ab8b92ea7dce343acfa019e7fe00cc
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
5384a3023793ef64f078ec77235f40a8cb0fe8aa2dfd04fbbbbaf6e292da18c2
53b50d936fbd0379b43181e53561a665a21e6ea1d1fd50a08b8eeaa0fee06906
5b9015044ce252559ccbb0cd794d03c995a50f84884b2019293782fb7fe8874f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f21c423bd894da9935a21e7f2377eeea9ee7827523d6d895952338fef3d7528
633651509d699afb23d98c4802604412f8941cda898702a5417d9061c6cf0907
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
690a9c5e2ba9f5cfb4bb225bf84b658d899b75825472da0851845edb636463dd
6ca20cfedac5fd9258f9f8355b713ae92a640b2ebdd2b048182e0b7eafa1a9fe
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d559ff90127fb1a15d5d979816c626d3f044a8a82cae54f5a6d8faa2b8a68b5
712c9d428ed763b8dcc806164db50f61c05d6ed818ff65b1c3081f79cf6cf87d
7152dcb01b90c6ed422e5fbf423b3b692320c5070f5c42be9ec4cabf1d936987
783d5189b19fa69b9ca77a4487cf52cc8b0fb3d38762894d18efd5e31bb40fa1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fb99552544739e5d8a9810704bc402152e7c4bb712433c8d50ab2c88d554ab4
80e61c604efb4fd981f5acced457c023f5f6f49dce7f8688674cbacbeed5bffc
812d081f4ee2fb711db42bc0dc1fb6ea43ab641be367c6056c7af7df84eba5b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84193816087e802c9209355842e4d99b9dc73cea9179921c8070da4dcc139b7d
8464f9a28062d00fd300538f9e93fad38faa64b9751db49b28911b9b6cceafdd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f54301c324d81a1d069061f8932c853d1ac44fdc77298340743310ec32c4aa7
90e83f9812d4235e44151847751420c1b53a05a31415446dd467c85720f6e143
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a0babd60ec1d545ccfb6524bbe0c7bc9aa9d6f80844649d0f17601e8da525b18
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
afdf47418c7cc1acb6a43bf303ce2928e43f4a4269db313e55319374750ab3a1
b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b844a2bb8061f0b3382e300f63fb07d62a08cca0d9eceb0c995ddc2b118fc062
bebb2cbe9bfaeaeec6044f278102e8db469aa3fc22d4f6d35d368b31f3f62a06
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d22e52d55524c19dd98978fa59b86105107bf7a4f9b3aff7530bfa372bad9d66
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d7302ec78f40ce56d85a90fdcb2f659bac0e8bc6ba023dc1e520a58d94adec0b
da281a874974bf0c9518ccd03db9c96e1f69bfbb72ad62bee649c400d97e4899
de73f32bb4477b4ee5db462c75708795835fbb0e3c1de9834103f9dbc6b6d2de
e393d6f1feb159d634dbe38eb81cb057690e4527b4013840a45ebd1fd6af82b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b43567491c251c9cd052c69fe953de1b1e8a86ad15fafc20692b513bc4e49d
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eea9767f3e2c171b55a01fd5da2da5ce658ae3f4e3b6c49cee0659bb38237f6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b57c5797018dd0ef9c1c8386ef46d1d27c13ea0615617ffd6e7012074e6948
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f4b71c33ac6ac5b9d76b3dd1ae788431afd678b97666ab0a817ea122e7f326fc
f5b862705def8b10b9a2f6e2d285ace98b47d499942ad23d492820a6a04341dc
f7fd8cd273315dba176575ac928c7d93c1bd685ad93a4f8e3d0a917917b0988f
f95139506e20b1dc358e501be86243ebf9c89ec97b99db5792f4df3c7c2e9ada
fd13440af38cdc0d0c6f12de9da5022672b69a9e7d3039e23794377cc696558f
fe6d42f3670bd140d05899fd0bc6161882da3f9fb4173f241148836279fa5477

raovat.4umer.com Open in urlscan Pro 188.165.2.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

104 Requests

62 %HTTPS

54 %IPv6

28 Domains

32 Subdomains

35 IPs

4 Countries

1426 kBTransfer

3461 kBSize

0 Cookies

22 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

raovat.4umer.com Open in urlscan Pro
188.165.2.137 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

62 %
HTTPS

54 %
IPv6

28
Domains

32
Subdomains

35
IPs

4
Countries

1426 kB
Transfer

3461 kB
Size

0
Cookies

104 HTTP transactions
0 data transactions