raovat5s.biz Open in urlscan Pro
166.62.13.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Submission: On October 28 via manual (October 28th 2020, 2:58:54 pm UTC) from VN

Summary HTTP 72 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 15 domains to perform 72 HTTP transactions. The main IP is 166.62.13.1, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is raovat5s.biz.

This is the only time raovat5s.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	166.62.13.1 166.62.13.1	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
5	103.3.244.106 103.3.244.106	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	45.117.80.222 45.117.80.222	131353 (NHANHOA-A...) (NHANHOA-AS-VN NhanHoa Software company)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	104.16.88.26 104.16.88.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.110.32 67.202.110.32	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200d	15169 (GOOGLE) (GOOGLE)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	208.100.17.190 208.100.17.190	32748 (STEADFAST) (STEADFAST)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
72	23

23 166.62.13.1 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

raovat5s.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.3.244.106 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: mx106244.v-1000.com

cdyhanam.edu.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.117.80.222 (Viet Nam)

ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN)

quangcaosaigon.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)

tcr.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.26 (United States)

ASN13335 (CLOUDFLARENET, US)

sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.110.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-110.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.190 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	raovat5s.biz raovat5s.biz	157 KB
11	tynt.com tcr.tynt.com sc.tynt.com ic.tynt.com de.tynt.com	19 KB
7	google.com apis.google.com accounts.google.com adservice.google.com	101 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
5	cdyhanam.edu.vn cdyhanam.edu.vn	381 KB
4	facebook.com www.facebook.com
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	113 B
2	facebook.net connect.facebook.net	59 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	googleadservices.com partner.googleadservices.com	631 B
1	quangcaosaigon.vn quangcaosaigon.vn
1	gravatar.com www.gravatar.com	2 KB
72	15

	Domain	Requested by
23	raovat5s.biz	raovat5s.biz
7	ic.tynt.com	raovat5s.biz
5	apis.google.com	raovat5s.biz apis.google.com
5	cdyhanam.edu.vn	raovat5s.biz
4	www.facebook.com	connect.facebook.net
4	platform.twitter.com	raovat5s.biz platform.twitter.com
4	pagead2.googlesyndication.com	raovat5s.biz pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	de.tynt.com	tcr.tynt.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	raovat5s.biz connect.facebook.net
2	www.google-analytics.com	1 redirects raovat5s.biz
1	syndication.twitter.com	raovat5s.biz
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	accounts.google.com	apis.google.com
1	stats.g.doubleclick.net	raovat5s.biz
1	sc.tynt.com	tcr.tynt.com
1	tcr.tynt.com	raovat5s.biz
1	quangcaosaigon.vn	raovat5s.biz
1	www.gravatar.com	raovat5s.biz
72	23

This site contains links to these domains. Also see Links.

Domain
binbadecor.com.vn
brivium.com
cameradongnai247.net
nguyentienkhoa.com
cameradongnai247.com
hoanggiaco.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Frame ID: 222BA17615BF3CCE5BC2C8E7135D800F
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: D16F59A40BE360816E8729A2E970FF08
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fraovat5s.biz
Frame ID: 29808240800372F69C6D968AF9B6B6D3
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat5s.biz&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: 305DA54B6D9CDF1C9E6D3F0E89984FE7
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat5s.biz&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: 5873AB17A69E5485B1B05C8EDFDC3E87
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat5s.biz&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: 72F5CE961D57BB342CCB768BBB395C95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3459542408626149&output=html&adk=1934523412&adf=3164131733&lmt=1603897100&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603897102075&bpp=12&bdt=818&idt=153&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1846336760681&frm=20&pv=2&ga_vid=1783116984.1603897102&ga_sid=1603897102&ga_hid=765341463&ga_fc=1&iag=0&icsg=8634410&dssz=23&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067654%2C44730556&oid=3&pvsid=4231235370690113&pem=14&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=184
Frame ID: D6F7156AFA85A87E8F3ED724E4C277E5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: F281AA717F7B31457F1E4F4D26C70072
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3790b6a21a0f08%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&layout=button_count&locale=vi_VN&sdk=joey
Frame ID: 39874AFB827419F459F36C5A9F55D016
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1275ca8adfc468%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&locale=vi_VN&sdk=joey&show_faces=true&width=500
Frame ID: 28E6A47ED1E131784829BF6443937D21
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11e45cdf34cdb8%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&container_width=228&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fmuare247vn&locale=vi_VN&sdk=joey&show_faces=true&stream=false&width=238
Frame ID: 0604912ED02DF46A991B50F25694EA11
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 69C35B2E1C0D90EF339C5912F3CC996F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

72
Requests

57 %
HTTPS

61 %
IPv6

15
Domains

23
Subdomains

23
IPs

5
Countries

941 kB
Transfer

1934 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://binbadecor.com.vn/nha-thep-tien-che/
Title: nhà thép tiền chế

Search URL Search Domain Scan URL

URL: http://brivium.com/
Title: XenForo Add-ons by Brivium ™ © 2012-2013 Brivium LLC.

Search URL Search Domain Scan URL

URL: http://cameradongnai247.net/
Title: camera gia re

Search URL Search Domain Scan URL

URL: https://nguyentienkhoa.com/uon-ong-thep-gia-cong/
Title: Uốn ống thép gia công

Search URL Search Domain Scan URL

URL: http://cameradongnai247.com/
Title: camera bien hoa

Search URL Search Domain Scan URL

URL: http://hoanggiaco.com/
Title: hoang gia khang

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 32

http://connect.facebook.net/vi_VN/all.js HTTP 307
https://connect.facebook.net/vi_VN/all.js

Request Chain 39

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=12711602&utmhn=raovat5s.biz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng%20%7C%20Rao%20Vat%205s%20-%20raovat5s%20-%205giay%20mua%20ban%20-%20Quang%20Cao%20-%20Mua%20Ban%20-%20Dang%20Tin%20Rao%20Vat%20Viet%20Nam&utmhid=765341463&utmr=-&utmp=%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&utmht=1603897102106&utmac=UA-32777024-1&utmcc=__utma%3D105942528.1783116984.1603897102.1603897102.1603897102.1%3B%2B__utmz%3D105942528.1603897102.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1972773501&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=12711602&utmhn=raovat5s.biz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng%20%7C%20Rao%20Vat%205s%20-%20raovat5s%20-%205giay%20mua%20ban%20-%20Quang%20Cao%20-%20Mua%20Ban%20-%20Dang%20Tin%20Rao%20Vat%20Viet%20Nam&utmhid=765341463&utmr=-&utmp=%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&utmht=1603897102106&utmac=UA-32777024-1&utmcc=__utma%3D105942528.1783116984.1603897102.1603897102.1603897102.1%3B%2B__utmz%3D105942528.1603897102.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1972773501&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32777024-1&cid=1783116984.1603897102&jid=1972773501&_v=5.7.2&z=12711602

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/ 74 KB
20 KB 825ms
806ms Document
text/html 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 751ac4671337071c1e5f426400d8a02d117c150900cbd0adc1dfa1da64b2aeee

Request headers

Host: raovat5s.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:20 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-control: private, max-age=0
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: xf_session=872e54aa0ad874da3f28f79a6e0baada; path=/; httponly
Last-Modified: Wed, 28 Oct 2020 14:58:20 GMT
Content-Length: 19587
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK css.php
raovat5s.biz/ 98 KB
27 KB 435ms
422ms Stylesheet
text/css 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 75a5e3d28956b98f043ee4506efd25c936437802c5edbdad72c14b25854b9214

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 27174
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK css.php
raovat5s.biz/ 16 KB
5 KB 459ms
446ms Stylesheet
text/css 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://raovat5s.biz/css.php?css=MoreThread_main,bb_code,facebook,login_bar,message,message_user_info,share_page,thread_view,wf_default&style=2&dir=LTR&d=1573439841
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: a33b35251e9cc0360e244bd36a650689b1d3769a2697c3ba961248c3988726f9

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 5002
Expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK jquery-1.5.2.min.js Show response
raovat5s.biz/js/jquery/ 84 KB
30 KB 433ms
420ms Script
application/javascript 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://raovat5s.biz/js/jquery/jquery-1.5.2.min.js
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 05:14:21 GMT
Server: Apache
ETag: "14fa5-582385062e9ff-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29910
Expires: Wed, 04 Nov 2020 14:58:21 GMT

GET
H/1.1 200
OK xenforo.js Show response
raovat5s.biz/js/xenforo/ 127 KB
40 KB 388ms
375ms Script
application/javascript 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://raovat5s.biz/js/xenforo/xenforo.js?_v=bba17b4a
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: d685278846b611c16e8ad662f244e4c5f4b4e69282cec95c60c053de23b6d09a

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 05:14:22 GMT
Server: Apache
ETag: "1fc0a-5823850633fd6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40696
Expires: Wed, 04 Nov 2020 14:58:21 GMT

GET
H/1.1 200
OK mau-nha-tien-che-cap-4-dep-1.jpg
cdyhanam.edu.vn/wp-content/uploads/2020/07/ 74 KB
74 KB 3144ms
2844ms Image
image/jpeg 103.3.244.106
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdyhanam.edu.vn/wp-content/uploads/2020/07/mau-nha-tien-che-cap-4-dep-1.jpg
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 103.3.244.106 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: mx106244.v-1000.com
Software: Apache /
Resource Hash: 77ee9e0ec9884ddf437a3c9111b3d46dfb1c00fd10b176b92b19ad6f2637011f

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Mon, 06 Jul 2020 17:10:52 GMT
Server: Apache
ETag: "1278e-5a9c8f4fcbb47"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 75662

GET
H/1.1 200
OK mau-nha-tien-che-cap-4-dep-2.jpg
cdyhanam.edu.vn/wp-content/uploads/2020/07/ 60 KB
60 KB 4586ms
4313ms Image
image/jpeg 103.3.244.106
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdyhanam.edu.vn/wp-content/uploads/2020/07/mau-nha-tien-che-cap-4-dep-2.jpg
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 103.3.244.106 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: mx106244.v-1000.com
Software: Apache /
Resource Hash: 27d91cdacca15a5ddf014caacef0120a475030d86f43ffc2dae7f6a081bc8382

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Mon, 06 Jul 2020 17:10:55 GMT
Server: Apache
ETag: "eee7-5a9c8f5307547"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 61159

GET
H/1.1 200
OK mau-nha-tien-che-cap-4-dep-3.jpg
cdyhanam.edu.vn/wp-content/uploads/2020/07/ 91 KB
91 KB 1407ms
1143ms Image
image/jpeg 103.3.244.106
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdyhanam.edu.vn/wp-content/uploads/2020/07/mau-nha-tien-che-cap-4-dep-3.jpg
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 103.3.244.106 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: mx106244.v-1000.com
Software: Apache /
Resource Hash: aeb81b40717302341dae203e0804f64fb96347992dd4beb424927846c7ea5ec3

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Mon, 06 Jul 2020 17:10:56 GMT
Server: Apache
ETag: "16c8d-5a9c8f53f80c8"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 93325

GET
H/1.1 200
OK mau-nha-tien-che-cap-4-dep-4.jpg
cdyhanam.edu.vn/wp-content/uploads/2020/07/ 84 KB
84 KB 875ms
612ms Image
image/jpeg 103.3.244.106
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdyhanam.edu.vn/wp-content/uploads/2020/07/mau-nha-tien-che-cap-4-dep-4.jpg
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 103.3.244.106 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: mx106244.v-1000.com
Software: Apache /
Resource Hash: 24481141aa4d68e73049b31962be061283e7f34aaf07b914c7cc14da79119289

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Mon, 06 Jul 2020 17:10:58 GMT
Server: Apache
ETag: "14e06-5a9c8f55fa71e"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 85510

GET
H/1.1 200
OK mau-nha-tien-che-cap-4-dep-5.jpg
cdyhanam.edu.vn/wp-content/uploads/2020/07/ 71 KB
72 KB 801ms
537ms Image
image/jpeg 103.3.244.106
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdyhanam.edu.vn/wp-content/uploads/2020/07/mau-nha-tien-che-cap-4-dep-5.jpg
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 103.3.244.106 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: mx106244.v-1000.com
Software: Apache /
Resource Hash: ec07c66c624103840bcd66bf53555623223e80522385f3c456a7f0b3443926af

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Mon, 06 Jul 2020 17:11:00 GMT
Server: Apache
ETag: "11dd8-5a9c8f57405e1"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 73176

GET
H/1.1 200
OK avatar_s.png
raovat5s.biz/styles/aurora/xenforo/avatars/ 3 KB
4 KB 189ms
187ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/avatars/avatar_s.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1a3442e3a6b7211f76ad641864462654a3ab9729cc28053c26de82109477cd16

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:03 GMT
Server: Apache
ETag: "cb1-5823852d76947"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3249
Expires: Sun, 27 Dec 2020 14:58:21 GMT

GET
H/1.1 200
OK 113390.jpg
raovat5s.biz/data/avatars/s/113/ 1 KB
2 KB 189ms
187ms Image
image/jpeg 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/data/avatars/s/113/113390.jpg?1603364117
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1eb9984b0cb1b1049d05f2614d6c378a56e8b7907e9d982b0b7c03c2bcb70d1f

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Last-Modified: Thu, 22 Oct 2020 10:55:18 GMT
Server: Apache
ETag: "576-5b2404cb676b0"
Content-Type: image/jpeg
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1398
Expires: Sun, 27 Dec 2020 14:58:21 GMT

GET
H/1.1 200
OK 111367.jpg
raovat5s.biz/data/avatars/s/111/ 6 KB
6 KB 190ms
189ms Image
image/jpeg 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/data/avatars/s/111/111367.jpg?1592725781
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 47697e0de06f688b2a510837be46a4bd00abf68f360496ee9f94fbbf17fbcf23

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Last-Modified: Sun, 21 Jun 2020 07:49:46 GMT
Server: Apache
ETag: "1640-5a8935ebcc6d1"
Content-Type: image/jpeg
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5696
Expires: Sun, 27 Dec 2020 14:58:21 GMT

GET
H/1.1 200
OK 356edfbd5c0a22711ec836513816fb6f.jpg
www.gravatar.com/avatar/ 2 KB
2 KB 27ms
13ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gravatar.com/avatar/356edfbd5c0a22711ec836513816fb6f.jpg?s=48&d=http%3A%2F%2Fraovat5s.biz%2Fstyles%2Faurora%2Fxenforo%2Favatars%2Favatar_s.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d830fea093fd500499334f045c2689466fbce94710b98a8b433c7cf192486cb1

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-nc: HIT ams 4
Date: Wed, 28 Oct 2020 14:58:21 GMT
Last-Modified: Thu, 09 Jan 2014 03:57:16 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Content-Disposition: inline; filename="356edfbd5c0a22711ec836513816fb6f.jpeg"
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.gravatar.com/avatar/356edfbd5c0a22711ec836513816fb6f.jpg?s=48&d=http%3A%2F%2Fraovat5s.biz%2Fstyles%2Faurora%2Fxenforo%2Favatars%2Favatar_s.png>; rel="canonical"
Content-Length: 1585
Expires: Wed, 28 Oct 2020 15:03:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a7047c2579074c34c4e1f816093b7205111b3af42dce2c00211228ece4c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45809
x-xss-protection: 0
server: cafe
etag: 10743147157834282818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Oct 2020 14:58:21 GMT

GET
H/1.1 200
OK BackToTop.png
raovat5s.biz/images/ 4 KB
4 KB 184ms
184ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/images/BackToTop.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: c3e4a008297c0056b199009b00fdb6eba1083f63c708c411f9eea97686dc894b

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:21 GMT
Last-Modified: Tue, 19 Feb 2019 05:14:12 GMT
Server: Apache
ETag: "edb-582384fce52a4"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3803
Expires: Sun, 27 Dec 2020 14:58:21 GMT

GET
H/1.1 404
Not Found logo.png
quangcaosaigon.vn/images/ 0
0 3773ms
1211ms Image
text/html 45.117.80.222
NHANHOA-AS-VN Nha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://quangcaosaigon.vn/images/logo.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 45.117.80.222 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3341
date: Wed, 28 Oct 2020 14:02:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 28 Oct 2020 16:02:40 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK pagecontent_bg.jpg
raovat5s.biz/styles/aurora/xenforo/ 1 KB
1 KB 192ms
191ms Image
image/jpeg 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/pagecontent_bg.jpg
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 10b7e072184272e244e3e060bd96835e85bc3d74c7a1243be61510d7560f8a89

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "457-5823852d00aa6"
Content-Type: image/jpeg
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1111
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK breadcrumb_bg2.png
raovat5s.biz/styles/aurora/xenforo/ 864 B
1 KB 296ms
185ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/breadcrumb_bg2.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: b5d8e66cc5224cd8913da8921e9b7be1ef499f9451165afaf95e8399d2c23bf0

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "360-5823852cfcfe2"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 864
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK quicknav.png
raovat5s.biz/styles/aurora/xenforo/widgets/ 2 KB
2 KB 385ms
191ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/widgets/quicknav.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 0fc6e01c17a36ceb7dbd108b5c1e3db05fa707c92088b0fc04314a0894565f0c

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "65c-5823852d1db64"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1628
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK 112504.jpg
raovat5s.biz/data/avatars/s/112/ 535 B
876 B 354ms
239ms Image
image/jpeg 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/data/avatars/s/112/112504.jpg?1599125539
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 4eaf63f575af7e9b830ec8f76bdf4048345e48d8c3494ac79c5e700be66278ca

Request headers

Referer: http://raovat5s.biz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Thu, 03 Sep 2020 09:32:20 GMT
Server: Apache
ETag: "217-5ae656dc63c19"
Content-Type: image/jpeg
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 535
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK white_trans_bg.gif
raovat5s.biz/styles/aurora/xenforo/ 46 B
384 B 322ms
189ms Image
image/gif 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/white_trans_bg.gif
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: f0d3dbe7b247f515a7b1dd329b118eb3ce6c8dde372131bb9fec66bbaab14df7

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:03 GMT
Server: Apache
ETag: "2e-5823852d71373"
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 46
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK sortnum.png
raovat5s.biz/styles/default/xenforo/vietxf/ 638 B
978 B 197ms
196ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/default/xenforo/vietxf/sortnum.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=MoreThread_main,bb_code,facebook,login_bar,message,message_user_info,share_page,thread_view,wf_default&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 0e8e3532d38e82282d3cebbf9ac27ff0989f09833b1011f6193cf269fc06fba3

Request headers

Referer: http://raovat5s.biz/css.php?css=MoreThread_main,bb_code,facebook,login_bar,message,message_user_info,share_page,thread_view,wf_default&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:03 GMT
Server: Apache
ETag: "27e-5823852e37ee6"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 638
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK grey_trans_bg.gif
raovat5s.biz/styles/aurora/xenforo/ 46 B
385 B 364ms
351ms Image
image/gif 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/grey_trans_bg.gif
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: f5550794d98d4d5e6248536593f6661d1ebbf3eb6fc8fb0e059283848bcb059f

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:03 GMT
Server: Apache
ETag: "2e-5823852d86f13"
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 46
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK form-button-white-25px.png
raovat5s.biz/styles/aurora/xenforo/gradients/ 163 B
502 B 308ms
197ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/gradients/form-button-white-25px.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: b30af76669065e3d88c24e6a25998ae6620c58e987bd5a29b100e8f827d01c3b

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:03 GMT
Server: Apache
ETag: "a3-5823852d58cbe"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 163
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK ti.js Show response
tcr.tynt.com/ 45 KB
16 KB 57ms
35ms Script
application/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tcr.tynt.com/ti.js
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: HTTP/1.1
Server: 104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97c9e4bb119be4e6842e63d01ac05e1ee6564d3861c1567e10a986403cd682c0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Fri, 21 Aug 2020 18:27:45 GMT
Server: cloudflare
Age: 160156
etag: W/"5f401221-b27d"
vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5e9583b77fc80c7d-AMS
cf-request-id: 061150a6aa00000c7d69867000000001
Expires: Sat, 31 Oct 2020 14:58:22 GMT

GET
H/1.1 200
OK main_menu_bg.gif
raovat5s.biz/styles/aurora/xenforo/ 506 B
846 B 441ms
190ms Image
image/gif 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/main_menu_bg.gif
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 829149d0b5622aea5882c9c172800d648d415129cc704ed651c973425f19fd4a

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "1fa-5823852cbebe1"
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 506
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK nav_seperator.gif
raovat5s.biz/styles/aurora/xenforo/ 176 B
515 B 562ms
253ms Image
image/gif 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/nav_seperator.gif
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1c22d239a7164eb03ae66b4d440412d2d6682785d4310b0f22311b989c01d068

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "b0-5823852cfdfa7"
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 176
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK nav_bg_selected.png
raovat5s.biz/styles/aurora/xenforo/ 1 KB
1 KB 467ms
190ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/nav_bg_selected.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: f1d0d2aa6e3edf0f6316b98d4465f56561e85e7882e66348b2c83bf76e3dc012

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "460-5823852cece29"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1120
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK submenu_bg.png
raovat5s.biz/styles/aurora/xenforo/ 3 KB
3 KB 449ms
185ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/submenu_bg.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d7d6f51ec8fff63a4f331d41ff4c19ec8452460fec099ce86bd453ad9cd1606

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:03 GMT
Server: Apache
ETag: "b0e-5823852d6f3f4"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2830
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK footer-bg.png
raovat5s.biz/styles/aurora/xenforo/ 93 B
431 B 185ms
185ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/footer-bg.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: bbbbed4415bb9fd568268faf865e555883e62a452c366db9400f02d2b72c3168

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "5d-5823852cfb099"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 93
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H/1.1 200
OK xenforo-ui-sprite.png
raovat5s.biz/styles/aurora/xenforo/ 7 KB
7 KB 187ms
187ms Image
image/png 166.62.13.1
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://raovat5s.biz/styles/aurora/xenforo/xenforo-ui-sprite.png
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
Protocol: HTTP/1.1
Server: 166.62.13.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: e744d2beb11f29f729c4716efb96d11325d73f43e98dc8e26615afda3e024423

Request headers

Referer: http://raovat5s.biz/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1573439841
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Last-Modified: Tue, 19 Feb 2019 05:15:02 GMT
Server: Apache
ETag: "1b09-5823852cc2671"
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 6921
Expires: Sun, 27 Dec 2020 14:58:22 GMT

GET
H2

200

all.js Show response
connect.facebook.net/vi_VN/
Redirect Chain

http://connect.facebook.net/vi_VN/all.js
https://connect.facebook.net/vi_VN/all.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js

Requested by

Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baf17cb27a27a651b78353f887a1f9ba0d2ed7c6dcccfe0db0b0c6fff992980c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yKGK+mr4R0mKMm7N3LJx+w==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
etag: "6f47cf2feeb32182b562b917942eaa68"
x-fb-debug: bTQTcV7yR/447HSIyHvePHotCFK/tkRiMzdnSC77UO2fmHGL/wesjw/GbRYl6rBF7oX2u5fqj0OPTDAQJu0V0Q==
x-fb-trip-id: 664085054
x-fb-content-md5: 4fc8f53fc4aeb7014b243fc97a4e53ae
x-frame-options: DENY
date: Wed, 28 Oct 2020 14:58:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Oct 2020 15:09:43 GMT

Redirect headers

Location: https://connect.facebook.net/vi_VN/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/js/xenforo/xenforo.js?_v=bba17b4a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 471
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/41A3)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: raovat5s.biz
URL: http://raovat5s.biz/js/xenforo/xenforo.js?_v=bba17b4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hBMTqI1OiTfTcF53QB743w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3e801f1b1d67e6ea720d7c6a799ff679"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-hBMTqI1OiTfTcF53QB743w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 28 Oct 2020 14:58:22 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ 230 KB
87 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88452
x-xss-protection: 0
server: cafe
etag: 16783570891068550005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Oct 2020 14:58:22 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame D16F 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201021/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 28 Oct 2020 11:43:14 GMT
expires: Wed, 11 Nov 2020 11:43:14 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 11708
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 b7no-63bGr4zUiacwqm_6r.js Show response
sc.tynt.com/script/sc/ 57 B
721 B 516ms
474ms Script
text/javascript 104.16.87.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/b7no-63bGr4zUiacwqm_6r.js

Requested by

Host: tcr.tynt.com
URL: http://tcr.tynt.com/ti.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.87.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19463040e2e0354fecb88c513ccf8046041a6d149047cb3103bb4942f6853219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200, 200 OK
x-xss-protection: 1; mode=block
x-request-id: 25efa7a5-1a25-49ee-a658-f723990877e0
x-runtime: 0.008432
x-content-digest: 3c0929a2815e3db46360e382da67234f35b31cac
last-modified: Wed, 28 Oct 2020 14:05:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public, s-maxage=172800
cf-request-id: 061150a74300001f7420364000000001
cf-ray: 5e9583b86aec1f74-AMS
x-rack-cache: reload, store
expires: Thu, 29 Oct 2020 14:58:22 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 344ms
114ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0&ct=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng&t=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng%20%7C%20Rao%20Vat%205s%20-%20raovat5s%20-%205giay%20mua%20ban%20-%20Quang%20Cao%20-%20Mua%20Ban%20-%20Dang%20Tin%20Rao%20Vat%20Viet%20Nam&cu=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=12711602&utmhn=raovat5s.biz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tp.HCM%20-...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=12711602&utmhn=raovat5s.biz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Tp.HCM%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32777024-1&cid=1783116984.1603897102&jid=1972773501&_v=5.7.2&z=12711602

35 B
113 B

14ms
13ms

Image
image/gif

2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32777024-1&cid=1783116984.1603897102&jid=1972773501&_v=5.7.2&z=12711602

Requested by

Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Oct 2020 14:58:22 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Oct 2020 14:58:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32777024-1&cid=1783116984.1603897102&jid=1972773501&_v=5.7.2&z=12711602
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/vi_VN/ 188 KB
57 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/all.js?hash=8b4224f3875f46a7b1ea26548c349b7a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/vi_VN/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8b3e59d688ee18ba3e7e2b157fe0243bb0a42d02cfcc8da19b6b8a1e4e0e497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://raovat5s.biz
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8WlNuq0AJZ0zNTEcXcMcrQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 57653
etag: "03aa41163d151f772faafeff2b05b3d8"
x-fb-debug: RSfm/fL0bWUSrxyaFfTV4cn0tMpSFBSTr2JhxaqQdn2ZXgyIjWwXQe4gOH4Ni6ZKlK35+aNsCbUq+GpSnep3uw==
x-fb-trip-id: 664085054
x-fb-content-md5: befa8d55b0dd991d14bbcd740051afb4
x-frame-options: DENY
date: Wed, 28 Oct 2020 14:58:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 28 Oct 2021 12:28:22 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 2980 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fraovat5s.biz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1155542
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Oct 2020 14:58:22 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A9)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 138 KB
48 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 22:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 146601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49481
x-xss-protection: 0
expires: Tue, 26 Oct 2021 22:15:01 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 97 KB
34 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d2a0acc80b1b085951857bfa79bb54bef1f83f05ff5c5be1cbcad59cb838f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 22:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 146580
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34293
x-xss-protection: 0
expires: Tue, 26 Oct 2021 22:15:22 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 305D 0
0 41ms
25ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat5s.biz&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DgH56ln6iY6jNDJEMc8LIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat5s.biz&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=gVd4DnMwdYnxUr3TI3wYT0c3CZ2g8lewWIT8-aMntPe9ChrrJ3CESGUPyjLTARpUuLFxfoVNwSugaUX38y2IlHriTuRRTC3U-yYbXMOiy4t5jbES8cXQTLnIkYmLA4vh9W7Cz3uKZ8UefPC32rWGmxATBqKCOHVMJecvJubz7bU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Oct 2020 14:58:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-DgH56ln6iY6jNDJEMc8LIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 5873 0
0 28ms
28ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jZR5Utyn2Xwoq6HLWKF+VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat5s.biz&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=gVd4DnMwdYnxUr3TI3wYT0c3CZ2g8lewWIT8-aMntPe9ChrrJ3CESGUPyjLTARpUuLFxfoVNwSugaUX38y2IlHriTuRRTC3U-yYbXMOiy4t5jbES8cXQTLnIkYmLA4vh9W7Cz3uKZ8UefPC32rWGmxATBqKCOHVMJecvJubz7bU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Oct 2020 14:58:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-jZR5Utyn2Xwoq6HLWKF+VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK button.63c51c903061d0dbd843c41e8a00aa5a.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 14:58:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (fcn/41A3)
Age: 1186098
Etag: "62d4b0301f07768d13f3ee5de8633739+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 72F5 0
0 39ms
39ms Document
text/html 2a00:1450:4001:814::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat5s.biz&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wrfR99yP42nU+mgUZbh9Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat5s.biz&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=gVd4DnMwdYnxUr3TI3wYT0c3CZ2g8lewWIT8-aMntPe9ChrrJ3CESGUPyjLTARpUuLFxfoVNwSugaUX38y2IlHriTuRRTC3U-yYbXMOiy4t5jbES8cXQTLnIkYmLA4vh9W7Cz3uKZ8UefPC32rWGmxATBqKCOHVMJecvJubz7bU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Oct 2020 14:58:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-wrfR99yP42nU+mgUZbh9Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
631 B 77ms
29ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=raovat5s.biz&callback=_gfp_s_&client=ca-pub-3459542408626149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

6bca3e14dfc75f8c6bd1d85d4beddaa734e1c0d77ae37d40eb040ce8cf6fb039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=raovat5s.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=raovat5s.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame D6F7 0
0 81ms
80ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3459542408626149&output=html&adk=1934523412&adf=3164131733&lmt=1603897100&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603897102075&bpp=12&bdt=818&idt=153&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1846336760681&frm=20&pv=2&ga_vid=1783116984.1603897102&ga_sid=1603897102&ga_hid=765341463&ga_fc=1&iag=0&icsg=8634410&dssz=23&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067654%2C44730556&oid=3&pvsid=4231235370690113&pem=14&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=184

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3459542408626149&output=html&adk=1934523412&adf=3164131733&lmt=1603897100&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603897102075&bpp=12&bdt=818&idt=153&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1846336760681&frm=20&pv=2&ga_vid=1783116984.1603897102&ga_sid=1603897102&ga_hid=765341463&ga_fc=1&iag=0&icsg=8634410&dssz=23&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21067654%2C44730556&oid=3&pvsid=4231235370690113&pem=14&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=184
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Oct 2020 14:58:22 GMT
server: cafe
content-length: 1654
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Oct-2020 15:13:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603712362387365"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Wed, 28 Oct 2020 14:58:22 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 36ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=845736175469110&input_token&origin=1&redirect_uri=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=8b4224f3875f46a7b1ea26548c349b7a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://raovat5s.biz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: cJePjuyx3hiQcDfv8tevzCb8EBIuF+US2u0mWHMnMFkgtGGXSgW5XyApQKe4PcmPN9+7qVSsu/15tpyZjdFgjQ==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Wed, 28 Oct 2020 14:58:22 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://raovat5s.biz
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame F281 0
0 9ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1186096
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Oct 2020 14:58:22 GMT
Etag: "076dccdedb34f3771be52190b917884e+gzip"
Last-Modified: Thu, 01 Oct 2020 21:49:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12263

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 343ms
114ms Script
application/javascript 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=b7no-63bGr4zUiacwqm_6r&dn=TI&cc=1&r=
Requested by: Host: tcr.tynt.com
URL: http://tcr.tynt.com/ti.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 28 Oct 2020 14:58:21 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Thu, 29 Oct 2020 14:58:22 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 141ms
141ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1603897102440%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ed20a2b%3A1601588405575%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Wed, 28 Oct 2020 14:58:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 92c57d8a80d900e8055dd0690cc9e36d
x-transaction: 00456218008ee4af
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 114ms
114ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0&ct=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng&t=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng%20%7C%20Rao%20Vat%205s%20-%20raovat5s%20-%205giay%20mua%20ban%20-%20Quang%20Cao%20-%20Mua%20Ban%20-%20Dang%20Tin%20Rao%20Vat%20Viet%20Nam&cu=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 114ms
114ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0&ct=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng&t=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng%20%7C%20Rao%20Vat%205s%20-%20raovat5s%20-%205giay%20mua%20ban%20-%20Quang%20Cao%20-%20Mua%20Ban%20-%20Dang%20Tin%20Rao%20Vat%20Viet%20Nam
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 114ms
114ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0&ct=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 119ms
119ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0&ct=Tp.HCM%20-%20Nh%E1%BB%9D%20%C4%91%C3%A2u%20m%C3%A0%20m%E1%BA%ABu%20nh%C3%A0%20ti%E1%BB%81n%20ch%E1%BA%BF%20c%E1%BA%A5p%204%20%C4%91%E1%BA%B9p%20r%E1%BA%A5t%20%C4%91%C6%B0%E1%BB%A3c%20%C6%B0a%20chu%E1%BB%99ng
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 114ms
114ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 115ms
115ms Image
text/plain 67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=b7no-63bGr4zUiacwqm_6r&lm=0&ts=1603897102096&dn=TI&iso=0
Requested by: Host: raovat5s.biz
URL: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 28 Oct 2020 14:58:23 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 113ms
113ms Script
application/javascript 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=b7no-63bGr4zUiacwqm_6r&dn=TI&cc=2&r=
Requested by: Host: tcr.tynt.com
URL: http://tcr.tynt.com/ti.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 28 Oct 2020 14:58:36 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Thu, 29 Oct 2020 14:58:37 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 3987 0
0 64ms
63ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3790b6a21a0f08%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&layout=button_count&locale=vi_VN&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=8b4224f3875f46a7b1ea26548c349b7a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3790b6a21a0f08%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&layout=button_count&locale=vi_VN&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: ea1UV14NVG7TpFnsmlBKnj/Ja0eQIvXrG2AdESHiBD6ExvfVrGafPhF+wtNVpPk3LeM5SPfFvBt+UPD8IxL+4w==
date: Wed, 28 Oct 2020 14:58:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 28E6 0
0 70ms
70ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1275ca8adfc468%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&locale=vi_VN&sdk=joey&show_faces=true&width=500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=8b4224f3875f46a7b1ea26548c349b7a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1275ca8adfc468%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat5s.biz%2Fthreads%2Fnho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831%2F&locale=vi_VN&sdk=joey&show_faces=true&width=500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: T6N29xMbeA3Z0XhDhoIZJGE9QqCRyg69mxtCurhsP5qyBkeAMVpp3O4Rn7cZmcyU8E9qYgzcrGWgKBOTBTNu0Q==
date: Wed, 28 Oct 2020 14:58:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like_box.php
www.facebook.com/plugins/ Frame 0604 0
0 83ms
83ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11e45cdf34cdb8%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&container_width=228&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fmuare247vn&locale=vi_VN&sdk=joey&show_faces=true&stream=false&width=238

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=8b4224f3875f46a7b1ea26548c349b7a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like_box.php?app_id=845736175469110&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11e45cdf34cdb8%26domain%3Draovat5s.biz%26origin%3Dhttp%253A%252F%252Fraovat5s.biz%252Ff5e2caecc99aa%26relation%3Dparent.parent&container_width=228&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fmuare247vn&locale=vi_VN&sdk=joey&show_faces=true&stream=false&width=238
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: fqkjQ+fSSI3c+BDpGz2sXaGxro9kVESPVy0Q3vpK2zzk1DJx5bHAojjISp+Fv8ovR0OdeAScbwQtpDzpvznvCQ==
date: Wed, 28 Oct 2020 14:58:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 20ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd46da358f1e074169fcf8109440311220f0d69bccd18cd7b0f15eff319036a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Oct 2020 14:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6511
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 14:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Wed, 28 Oct 2020 14:58:37 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 69C3 0
0 46ms
22ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 28 Oct 2020 14:51:02 GMT
expires: Thu, 28 Oct 2021 14:51:02 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 455
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
74 B 15ms
14ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=4231235370690113&bg=!w8ClwODNAAVp0lmVaVjoptVDwz2MugIAAAB6UgAAABMKAQPha3DQz-pko4m8DMjD31PYcqz3M0wiscSLn7-LX_oVIAgC4Y1mt64p6LjlgtAjbO-FQUWUp11fmsFrYX9X71yFrItOC99dQhJsPOAXdzU3IKFpj0tmLarODvJdtipvxQaHfInLxrh2JwkuvJfhT83BlmHa2zFNvGi2oHkzdnjj5sqLL3FIgGBUZa8_SEo_kU9SN8zUzZjV_HHqbx0CPIHDOkWd2GunIhXmgf2mqQ4q3vTByY2siD7uI8YXOvI_DuHoXxp_8mKVbrmzQwGSm1lVw6i52n9uE4xP1QC3O1cad4-XcBGrW7M1Ecn2e1RPZgHImCKT8YrZQwO_RfczNEfkyFSRmQGk_Y27XnX8YOdn3PT4aMO8hC8b7er7J4JHYwDIgem_M3zgqKVUm_kmG8-kyyR0LXLRIvNQMuRjq4fF1O4XGCv-rjLLRXTfoJ-UElZW4PJ6ruyKpjpsdiurq4CtrS2pWmAUEuuTFqDYCVSqmb1k2t0N2Zg2qjlbcye-xdGzntfbaJNsZs-ODmtQKe_67xxZce3OmizJn5UeCwr7Fx6kTG-eSWuc5efvWYi8QweoHTKtzLKRaPrRZYv9VBoMKX86I-sb3VRmHOZrnTdIg41Qh0X2X2zzC1yLG1rnkbZj6HfB5-Ql4TxeEpUXlflT84rZ1rR0pGyEhOLnBmDwCHAaY9EhaQKz_a2kZtCm5DbTIEJQOpFGqYzP4vz9GTj5FPV-7rvAXkwdjXYK-keiB64QqqbatvE8dKEndiCeZQhBBCGml_BumeT661iTXWzO5TsMoJrU5bxQ-KTiHJReFDw4WXtFBTdfXs8WYgmBstbvoh82uXhMGAb3_yXDhMNgwNtRVx1lWBKqz2maLN47nqMI2w4f3IQfiRdfkHP7N_sg25gAQHO-S1fu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://raovat5s.biz/threads/nho-dau-ma-mau-nha-tien-che-cap-4-dep-rat-duoc-ua-chuong.592831/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 14:58:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://raovat5s.biz/js/xenforo/xenforo.js?_v=bba17b4a(Line 191) Message: XenForo.activate(%o) [object HTMLDocument]
console-api	log	URL: http://raovat5s.biz/js/xenforo/xenforo.js?_v=bba17b4a(Line 192) Message: console.groupEnd
console-api	info	URL: http://raovat5s.biz/js/xenforo/xenforo.js?_v=bba17b4a(Line 188) Message: XenForo.init() %dms. jQuery %s/%s 59 1.5.2 1.2.6-dev
console-api	error	URL: https://connect.facebook.net/vi_VN/all.js?hash=8b4224f3875f46a7b1ea26548c349b7a&ua=modern_es6(Line 52) Message: The method FB.getLoginStatus can no longer be called from http pages. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
cdyhanam.edu.vn
connect.facebook.net
de.tynt.com
googleads.g.doubleclick.net
ic.tynt.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
quangcaosaigon.vn
raovat5s.biz
sc.tynt.com
stats.g.doubleclick.net
syndication.twitter.com
tcr.tynt.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.gravatar.com
103.3.244.106
104.16.87.26
104.16.88.26
104.244.42.136
166.62.13.1
172.217.21.226
208.100.17.190
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2001
2a00:1450:4001:801::200e
2a00:1450:4001:809::200e
2a00:1450:4001:814::2001
2a00:1450:4001:814::200d
2a00:1450:4001:816::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:824::2002
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
45.117.80.222
67.202.110.32
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e8e3532d38e82282d3cebbf9ac27ff0989f09833b1011f6193cf269fc06fba3
0fc6e01c17a36ceb7dbd108b5c1e3db05fa707c92088b0fc04314a0894565f0c
10b7e072184272e244e3e060bd96835e85bc3d74c7a1243be61510d7560f8a89
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
19463040e2e0354fecb88c513ccf8046041a6d149047cb3103bb4942f6853219
1a3442e3a6b7211f76ad641864462654a3ab9729cc28053c26de82109477cd16
1c22d239a7164eb03ae66b4d440412d2d6682785d4310b0f22311b989c01d068
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
1eb9984b0cb1b1049d05f2614d6c378a56e8b7907e9d982b0b7c03c2bcb70d1f
24481141aa4d68e73049b31962be061283e7f34aaf07b914c7cc14da79119289
27d91cdacca15a5ddf014caacef0120a475030d86f43ffc2dae7f6a081bc8382
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
47697e0de06f688b2a510837be46a4bd00abf68f360496ee9f94fbbf17fbcf23
4eaf63f575af7e9b830ec8f76bdf4048345e48d8c3494ac79c5e700be66278ca
6bca3e14dfc75f8c6bd1d85d4beddaa734e1c0d77ae37d40eb040ce8cf6fb039
6d7d6f51ec8fff63a4f331d41ff4c19ec8452460fec099ce86bd453ad9cd1606
751ac4671337071c1e5f426400d8a02d117c150900cbd0adc1dfa1da64b2aeee
75a5e3d28956b98f043ee4506efd25c936437802c5edbdad72c14b25854b9214
77ee9e0ec9884ddf437a3c9111b3d46dfb1c00fd10b176b92b19ad6f2637011f
7d2a0acc80b1b085951857bfa79bb54bef1f83f05ff5c5be1cbcad59cb838f82
829149d0b5622aea5882c9c172800d648d415129cc704ed651c973425f19fd4a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
97c9e4bb119be4e6842e63d01ac05e1ee6564d3861c1567e10a986403cd682c0
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a33b35251e9cc0360e244bd36a650689b1d3769a2697c3ba961248c3988726f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeb81b40717302341dae203e0804f64fb96347992dd4beb424927846c7ea5ec3
b30af76669065e3d88c24e6a25998ae6620c58e987bd5a29b100e8f827d01c3b
b5d8e66cc5224cd8913da8921e9b7be1ef499f9451165afaf95e8399d2c23bf0
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
baf17cb27a27a651b78353f887a1f9ba0d2ed7c6dcccfe0db0b0c6fff992980c
bbbbed4415bb9fd568268faf865e555883e62a452c366db9400f02d2b72c3168
bd46da358f1e074169fcf8109440311220f0d69bccd18cd7b0f15eff319036a7
c3e4a008297c0056b199009b00fdb6eba1083f63c708c411f9eea97686dc894b
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d685278846b611c16e8ad662f244e4c5f4b4e69282cec95c60c053de23b6d09a
d830fea093fd500499334f045c2689466fbce94710b98a8b433c7cf192486cb1
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a7047c2579074c34c4e1f816093b7205111b3af42dce2c00211228ece4c2f6
e744d2beb11f29f729c4716efb96d11325d73f43e98dc8e26615afda3e024423
ec07c66c624103840bcd66bf53555623223e80522385f3c456a7f0b3443926af
f0d3dbe7b247f515a7b1dd329b118eb3ce6c8dde372131bb9fec66bbaab14df7
f1d0d2aa6e3edf0f6316b98d4465f56561e85e7882e66348b2c83bf76e3dc012
f5550794d98d4d5e6248536593f6661d1ebbf3eb6fc8fb0e059283848bcb059f
f8b3e59d688ee18ba3e7e2b157fe0243bb0a42d02cfcc8da19b6b8a1e4e0e497

raovat5s.biz Open in urlscan Pro 166.62.13.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

57 %HTTPS

61 %IPv6

15 Domains

23 Subdomains

23 IPs

5 Countries

941 kBTransfer

1934 kBSize

0 Cookies

6 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

raovat5s.biz Open in urlscan Pro
166.62.13.1 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

57 %
HTTPS

61 %
IPv6

15
Domains

23
Subdomains

23
IPs

5
Countries

941 kB
Transfer

1934 kB
Size

0
Cookies

72 HTTP transactions
0 data transactions