urlscan.io logo urlscan.io
SecurityTrails logo

raovat9s.com Open in urlscan Pro
82.180.152.27  Public Scan

Go To Rescan Add Verdict Report
URL: http://raovat9s.com/members/k8betco.43049/
Submission Tags: #k8 #k8bet #nhà_cái_k8 Search All
Submission: On April 16 via manual from VN — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 14 domains to perform 61 HTTP transactions. The main IP is 82.180.152.27, located in Singapore and belongs to AS-HOSTINGER, CY. The main domain is raovat9s.com.
This is the only time raovat9s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    82.180.152.27 (Singapore)

ASN47583 (AS-HOSTINGER, CY)
raovat9s.com
chodichvu.vn
6    2404:6800:4003:c05::9b (Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    35.247.154.239 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cp-apac16.hvn.vn
vxf.vn
2    2404:6800:4003:c00::65 (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2404:6800:4003:c03::9a (Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
7    2404:6800:4003:c04::71 (Singapore)

ASN15169 (GOOGLE, US)
apis.google.com
developers.google.com
1    2404:6800:4003:c02::9c (Singapore)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2404:6800:4003:c06::9b (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com.sg
1    2404:6800:4003:c02::9b (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2404:6800:4003:c04::64 (Singapore)

ASN15169 (GOOGLE, US)
developers.google.com
1    2404:6800:4003:c04::65 (Singapore)

ASN15169 (GOOGLE, US)
developers.google.com
2    2404:6800:4003:c03::54 (Singapore)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4003:c0f::68 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
16 raovat9s.com
raovat9s.com
1019 KB
13 google.com
apis.google.com — Cisco Umbrella Rank: 121
adservice.google.com — Cisco Umbrella Rank: 73
developers.google.com — Cisco Umbrella Rank: 11985
accounts.google.com — Cisco Umbrella Rank: 42
www.google.com — Cisco Umbrella Rank: 2
140 KB
10 vxf.vn
vxf.vn
13 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 138
200 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
12 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 805
134 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
88 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
17 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
16 KB
1 gstatic.com
ssl.gstatic.com
5 KB
1 google.com.sg
adservice.google.com.sg — Cisco Umbrella Rank: 27518
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 925
605 B
1 chodichvu.vn
chodichvu.vn
450 KB
0 chototvn.net Failed
chototvn.net Failed
61 14
Domain Requested by
16 raovat9s.com raovat9s.com
10 vxf.vn 5 redirects raovat9s.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 apis.google.com 1 redirects raovat9s.com
apis.google.com
accounts.google.com
6 pagead2.googlesyndication.com raovat9s.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 developers.google.com 2 redirects apis.google.com
2 static.xx.fbcdn.net www.facebook.com
2 accounts.google.com apis.google.com
raovat9s.com
2 connect.facebook.net raovat9s.com
connect.facebook.net
2 www.google-analytics.com raovat9s.com
1 www.google.com tpc.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 ssl.gstatic.com accounts.google.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.com.sg pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 chodichvu.vn raovat9s.com
0 chototvn.net Failed raovat9s.com
61 19

This site contains links to these domains. Also see Links.

Domain
k8bet.co
f8bet.mobi
www.lazada.vn
chodichvu.vn
filler.good.vn
bitcoinnewest.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-23 -
2023-04-23		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh

This page contains 14 frames:

Primary Page: http://raovat9s.com/members/k8betco.43049/
Frame ID: 83B34F562709D1E11C19D2FDAC23463E
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: 918C8304126C1142D1218D9F78B66FAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&adk=1934523412&adf=3164131733&lmt=1681645288&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&ea=0&pra=5&wgl=1&dt=1681645289083&bpp=5&bdt=146&idt=197&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7632734845068&frm=20&pv=2&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: 2B6A2AE58EA8FD7ED182FA2FF653CA5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=300&slotname=5159908244&adk=3829738240&adf=3082817838&pi=t.ma~as.5159908244&w=728&lmt=1681645288&format=728x300&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289088&bpp=2&bdt=150&idt=224&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lz9A0wRmpo&p=http%3A//raovat9s.com&dtd=228
Frame ID: 1178EF4CDA0BE841993A6CC498140F6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=600&slotname=1814380497&adk=3924842593&adf=2771868160&pi=t.ma~as.1814380497&w=250&lmt=1681645288&format=250x600&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289116&bpp=5&bdt=178&idt=208&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1324&ady=2236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EVfVqKfNMM&p=http%3A//raovat9s.com&dtd=211
Frame ID: 2DCA4111F89C402FD0A4FF89B7812847
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=90&slotname=9630865630&adk=3415836509&adf=940267551&pi=t.ma~as.9630865630&w=728&lmt=1681645288&format=728x90&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289121&bpp=2&bdt=183&idt=220&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=224&ady=23&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=sISbz1unK6&p=http%3A//raovat9s.com&dtd=223
Frame ID: 3396A3944CAE49FD9842409D87A9A659
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=600&slotname=8498456564&adk=3420414647&adf=389011487&pi=t.ma~as.8498456564&w=120&lmt=1681645288&format=120x600&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289123&bpp=1&bdt=185&idt=224&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600%2C728x90&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1355&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=VhYYIjnGAw&p=http%3A//raovat9s.com&dtd=228
Frame ID: 3CBDCFB31BA3AE0784B7BBCA516C2D54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=300&slotname=6091099542&adk=3698524064&adf=2462030970&pi=t.ma~as.6091099542&w=120&lmt=1681645288&format=120x300&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289125&bpp=1&bdt=187&idt=228&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600%2C728x90%2C120x600&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=120&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=kPBr0N4Ccm&p=http%3A//raovat9s.com&dtd=231
Frame ID: 6C6D2C9FCE0EE0ABFE64211720D171BC
Requests: 1 HTTP requests in this frame

Frame: https://developers.google.com/?hl=zh-tw
Frame ID: 7EC65CE23FA6C6208A73A683D5427676
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=250&slotname=3312787761&adk=3595721635&adf=284542370&pi=t.ma~as.3312787761&w=970&lmt=1681645288&format=970x250&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289140&bpp=1&bdt=202&idt=238&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600%2C728x90%2C120x600%2C120x300&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=2976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=rPYqi5Rr2J&p=http%3A//raovat9s.com&dtd=242
Frame ID: 088FE2081F58B4A9815F29D1772E4605
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat9s.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.aLDC6GMfm8E.O%2Fd%3D1%2Frs%3DAHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA%2Fm%3D__features__
Frame ID: CD5D64316951C0A9D9BEEEBB85AED613
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38eb4cb6ec0bb8%26domain%3Draovat9s.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fraovat9s.com%252Ff2c3f4e27d8d9f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&layout=button_count&locale=vi_VN&sdk=joey
Frame ID: 8417BE9DCAF0554AE7292FCFE7564F3F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65F2BD82D4B906F9E63B2B2894C81F62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD7F721A8D7C6C85193015460959C5B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

k8betco | Diễn đàn rao vặt, rao vặt online, đăng tin rao vặt miễn phí, mua bán rao vặt, rao vặt hà nội,rao vặt tphcm, rao vặt cần thơ, rao vặt phú quốc, rao vặt vũng tàu, rao vặt quảng ninh,rao vặt nam định, rao vặt lâm đồng, rao vặt nhanh DIỄN ĐÀN RAO VẶT TOÀN QUỐC

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

56 %
HTTPS

88 %
IPv6

14
Domains

19
Subdomains

16
IPs

1
Countries

2093 kB
Transfer

3652 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://vxf.vn/styles/vxf/face.png HTTP 301
  • https://vxf.vn/styles/vxf/face.png
Request Chain 16
  • http://vxf.vn/styles/vxf/youtube.png HTTP 301
  • https://vxf.vn/styles/vxf/youtube.png
Request Chain 17
  • http://vxf.vn/styles/vxf/twitter.png HTTP 301
  • https://vxf.vn/styles/vxf/twitter.png
Request Chain 18
  • http://vxf.vn/styles/vxf/google.png HTTP 301
  • https://vxf.vn/styles/vxf/google.png
Request Chain 19
  • http://vxf.vn/styles/vxf/rss.png HTTP 301
  • https://vxf.vn/styles/vxf/rss.png
Request Chain 20
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 26
  • http://connect.facebook.net/vi_VN/all.js HTTP 307
  • https://connect.facebook.net/vi_VN/all.js
Request Chain 34
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=566258867&utmhn=raovat9s.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=k8betco%20%7C%20Di%E1%BB%85n%20%C4%91%C3%A0n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20online%2C%20%C4%91%C4%83ng%20tin%20rao%20v%E1%BA%B7t%20mi%E1%BB%85n%20ph%C3%AD%2C%20mua%20b%C3%A1n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20h%C3%A0%20n%E1%BB%99i%2Crao%20v%E1%BA%B7t%20tphcm%2C%20rao%20v%E1%BA%B7t%20c%E1%BA%A7n%20th%C6%A1%2C%20rao%20v%E1%BA%B7t%20ph%C3%BA%20qu%E1%BB%91c%2C%20rao%20v%E1%BA%B7t%20v%C5%A9ng%20t%C3%A0u%2C%20rao%20v%E1%BA%B7t%20qu%E1%BA%A3ng%20ninh%2Crao%20v%E1%BA%B7t%20nam%20%C4%91%E1%BB%8Bnh%2C%20rao%20v%E1%BA%B7t%20l%C3%A2m%20%C4%91%E1%BB%93ng%2C%20rao%20v%E1%BA%B7t%20nhanh%20DI%E1%BB%84N%20%C4%90%C3%80N%20RAO%20V%E1%BA%B6T%20TO%C3%80N%20QU%E1%BB%90C&utmhid=1537476261&utmr=-&utmp=%2Fmembers%2Fk8betco.43049%2F&utmht=1681645289337&utmac=UA-124744901-1&utmcc=__utma%3D134834546.1781877359.1681645289.1681645289.1681645289.1%3B%2B__utmz%3D134834546.1681645289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1619629846&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=566258867&utmhn=raovat9s.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=k8betco%20%7C%20Di%E1%BB%85n%20%C4%91%C3%A0n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20online%2C%20%C4%91%C4%83ng%20tin%20rao%20v%E1%BA%B7t%20mi%E1%BB%85n%20ph%C3%AD%2C%20mua%20b%C3%A1n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20h%C3%A0%20n%E1%BB%99i%2Crao%20v%E1%BA%B7t%20tphcm%2C%20rao%20v%E1%BA%B7t%20c%E1%BA%A7n%20th%C6%A1%2C%20rao%20v%E1%BA%B7t%20ph%C3%BA%20qu%E1%BB%91c%2C%20rao%20v%E1%BA%B7t%20v%C5%A9ng%20t%C3%A0u%2C%20rao%20v%E1%BA%B7t%20qu%E1%BA%A3ng%20ninh%2Crao%20v%E1%BA%B7t%20nam%20%C4%91%E1%BB%8Bnh%2C%20rao%20v%E1%BA%B7t%20l%C3%A2m%20%C4%91%E1%BB%93ng%2C%20rao%20v%E1%BA%B7t%20nhanh%20DI%E1%BB%84N%20%C4%90%C3%80N%20RAO%20V%E1%BA%B6T%20TO%C3%80N%20QU%E1%BB%90C&utmhid=1537476261&utmr=-&utmp=%2Fmembers%2Fk8betco.43049%2F&utmht=1681645289337&utmac=UA-124744901-1&utmcc=__utma%3D134834546.1781877359.1681645289.1681645289.1681645289.1%3B%2B__utmz%3D134834546.1681645289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1619629846&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Request Chain 41
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat9s.com&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.aLDC6GMfm8E.O%2Fd%3D1%2Frs%3DAHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA%2Fm%3D__features__ HTTP 301
  • http://developers.google.com/ HTTP 301
  • https://developers.google.com/ HTTP 302
  • https://developers.google.com/?hl=zh-tw

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
raovat9s.com/members/k8betco.43049/ 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
f6ebe38907d5529d2b663ff996870ad7e260b2db0870866c54ce7fb976138bac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
private, max-age=0
content-encoding
gzip
content-length
12726
content-type
text/html; charset=UTF-8
date
Sun, 16 Apr 2023 11:41:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Sun, 16 Apr 2023 11:41:28 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
PHP/5.6.40
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c9eae661eb2bde9b31a2d365e32092d6ac52c224092fd9d34f05d314a6ab567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48055
x-xss-protection
0
server
cafe
etag
6824176281237043346
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 11:41:28 GMT
css.php
raovat9s.com/ 		99 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1671071920
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
55d17cb62f97cffefb2d9a1c902af1c8cc9cb7ce5f7352427e6db10ef2af7c0e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 02:38:40 GMT
server
LiteSpeed
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
Connection
Keep-Alive
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
25701
expires
Wed, 01 Jan 2020 00:00:00 GMT
custom-node-icons
raovat9s.com/misc/ 		8 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/misc/custom-node-icons?d=1390208640
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
7b5f61daeff8566e172c4d6e7039e5cfaf9cc2b1a38f8aaa4b7a22e1cff352fe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
last-modified
Mon, 20 Jan 2014 09:04:00 GMT
server
LiteSpeed
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
Connection
Keep-Alive
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
467
expires
Wed, 01 Jan 2020 00:00:00 GMT
css.php
raovat9s.com/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/css.php?css=bb_code,login_bar,member_view,message_simple,sidebar_share_page,wf_default&style=3&dir=LTR&d=1671071920
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
db9e3600061a5340d8aecbfad949b4c82cb427c1b5c4844a94ccf3f6a072c948

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 02:38:40 GMT
server
LiteSpeed
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
Connection
Keep-Alive
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
5359
expires
Wed, 01 Jan 2020 00:00:00 GMT
jquery-1.10.2.min.js
raovat9s.com/js/jquery/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/js/jquery/jquery-1.10.2.min.js
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:28 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 04:30:36 GMT
server
LiteSpeed
etag
"16bb3-5fffc8ec-2ad2ae153cbb97e5;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
32862
expires
Sun, 23 Apr 2023 11:41:28 GMT
xenforo.js
raovat9s.com/js/xenforo/ 		148 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/js/xenforo/xenforo.js?_v=89ce0400
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e95bc8bb95b8a4fbb83172407815a497e27a202f72c6831684a4fab11dcac922

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:28 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 04:30:37 GMT
server
LiteSpeed
etag
"24eda-5fffc8ed-978aafbb661ba3bb;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
47516
expires
Sun, 23 Apr 2023 11:41:28 GMT
quick_reply_profile.js
raovat9s.com/js/xenforo/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/js/xenforo/quick_reply_profile.js?_v=89ce0400
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b2689ae4331f00e246726fe8cb38c40fde8647d1d0afb73a2df11233ff488e88

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:28 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 04:30:37 GMT
server
LiteSpeed
etag
"494-5fffc8ed-d2fdddaa656c7999;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
589
expires
Sun, 23 Apr 2023 11:41:28 GMT
comments_simple.js
raovat9s.com/js/xenforo/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/js/xenforo/comments_simple.js?_v=89ce0400
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ae29b68ec33ea1db88a4c3a1f23e659ef7819816c416f0028791b9555492356e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 04:30:37 GMT
server
LiteSpeed
etag
"814-5fffc8ed-ef63219e904cdb15;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
778
expires
Sun, 23 Apr 2023 11:41:29 GMT
43049.jpg
raovat9s.com/data/avatars/l/43/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://raovat9s.com/data/avatars/l/43/43049.jpg?1681580618
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2f8c1ffa904116d664d76e3606bf04a25b3c15c8a9437c64332f2de4f53a716a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Sat, 15 Apr 2023 17:43:38 GMT
server
LiteSpeed
etag
"17f5-643ae24a-4f52fb5371a13103;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
6133
expires
Sun, 23 Apr 2023 11:41:29 GMT
43049.jpg
raovat9s.com/data/avatars/s/43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://raovat9s.com/data/avatars/s/43/43049.jpg?1681580618
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a3d8ff57c62fdd31ab668687d31c8fc035028008616140c4b006ae3c7004f55f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Sat, 15 Apr 2023 17:43:38 GMT
server
LiteSpeed
etag
"685-643ae24a-694a0c3716ea4fcc;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
1669
expires
Sun, 23 Apr 2023 11:41:29 GMT
25x.gif
raovat9s.com/ 		874 KB
874 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://raovat9s.com/25x.gif
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
801618d0c351afd3be78850468a3d2c5debbfeb9a7f485aaa997dd3dfe267932

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Fri, 17 Mar 2023 08:40:15 GMT
server
LiteSpeed
etag
"da821-6414276f-5ddf01b00092745e;;;"
content-type
image/gif
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
895009
expires
Sun, 23 Apr 2023 11:41:29 GMT
keosua.jpg
chodichvu.vn/ 		450 KB
450 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://chodichvu.vn/keosua.jpg
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e8adee5f35febbaab57760e6f01748876c5372f228dbcc4934209a27a92296a3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Thu, 31 Mar 2022 01:30:36 GMT
server
LiteSpeed
etag
"7060e-6245043c-6fa058b71225aa83;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
460302
expires
Sun, 23 Apr 2023 11:41:29 GMT
scripts.js
raovat9s.com/js/menu/ 		484 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/js/menu/scripts.js
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
98c7d7f8e6e3c4f3cc6586ba73114ccfee4a672cc298509b469bae526df74aeb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 04:30:36 GMT
server
LiteSpeed
etag
"1e4-5fffc8ec-ea2a1795b793a4c3;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
257
expires
Sun, 23 Apr 2023 11:41:29 GMT
style.css
raovat9s.com/js/menu/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://raovat9s.com/js/menu/style.css
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8e3e7c93cd94071401ef5a10a76da0d1ffc67fb834d738d3ef8020898714f2c4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 04:30:36 GMT
server
LiteSpeed
etag
"166d-5fffc8ec-d70e3964f2741c32;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
1474
expires
Sun, 23 Apr 2023 11:41:29 GMT
logos.png
raovat9s.com/styles/default/xenforo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://raovat9s.com/styles/default/xenforo/logos.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
de5e22ada037ab3fe00d97fbec20abbcee30c81c29aacdf4b6e099fea0837850

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/members/k8betco.43049/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Thu, 14 Jan 2021 04:30:09 GMT
server
LiteSpeed
etag
"7df-5fffc8d1-1473ac857dd3b317;;;"
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
2015
expires
Sun, 23 Apr 2023 11:41:29 GMT
face.png
vxf.vn/styles/vxf/
Redirect Chain
  • http://vxf.vn/styles/vxf/face.png
  • https://vxf.vn/styles/vxf/face.png
758 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vxf.vn/styles/vxf/face.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
35.247.154.239 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
cp-apac16.hvn.vn
Software
nginx /
Resource Hash
d79577508510051edcbd95ab4ec9e9a633e1a847ad4271ef220a8f4919255b3c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Mon, 20 May 2013 03:51:32 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":444"; ma=2592000, h3-29=":444"; ma=2592000, h3-Q050=":444"; ma=2592000, h3-Q046=":444"; ma=2592000, h3-Q043=":444"; ma=2592000, quic=":444"; ma=2592000; v="43,46"
content-length
758
expires
Sun, 23 Apr 2023 11:41:29 GMT

Redirect headers

Date
Sun, 16 Apr 2023 11:41:29 GMT
Server
nginx
vary
User-Agent
Content-Type
text/html
location
https://vxf.vn/styles/vxf/face.png
x-turbo-charged-by
LiteSpeed
Connection
keep-alive
Content-Length
707
youtube.png
vxf.vn/styles/vxf/
Redirect Chain
  • http://vxf.vn/styles/vxf/youtube.png
  • https://vxf.vn/styles/vxf/youtube.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vxf.vn/styles/vxf/youtube.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
35.247.154.239 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
cp-apac16.hvn.vn
Software
nginx /
Resource Hash
25f88689138773380e7ca6b18402cd95f751c61c99e5ef08c496431c4c905761

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Mon, 20 May 2013 03:51:32 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":444"; ma=2592000, h3-29=":444"; ma=2592000, h3-Q050=":444"; ma=2592000, h3-Q046=":444"; ma=2592000, h3-Q043=":444"; ma=2592000, quic=":444"; ma=2592000; v="43,46"
content-length
3714
expires
Sun, 23 Apr 2023 11:41:29 GMT

Redirect headers

Date
Sun, 16 Apr 2023 11:41:29 GMT
Server
nginx
vary
User-Agent
Content-Type
text/html
location
https://vxf.vn/styles/vxf/youtube.png
x-turbo-charged-by
LiteSpeed
Connection
keep-alive
Content-Length
707
twitter.png
vxf.vn/styles/vxf/
Redirect Chain
  • http://vxf.vn/styles/vxf/twitter.png
  • https://vxf.vn/styles/vxf/twitter.png
919 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vxf.vn/styles/vxf/twitter.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
35.247.154.239 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
cp-apac16.hvn.vn
Software
nginx /
Resource Hash
874aac447b4ff283980b3f189bb824ebaa59c5e4bc4a65495ed332c6cd2a26e5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Mon, 20 May 2013 03:51:32 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":444"; ma=2592000, h3-29=":444"; ma=2592000, h3-Q050=":444"; ma=2592000, h3-Q046=":444"; ma=2592000, h3-Q043=":444"; ma=2592000, quic=":444"; ma=2592000; v="43,46"
content-length
919
expires
Sun, 23 Apr 2023 11:41:29 GMT

Redirect headers

Date
Sun, 16 Apr 2023 11:41:29 GMT
Server
nginx
vary
User-Agent
Content-Type
text/html
location
https://vxf.vn/styles/vxf/twitter.png
x-turbo-charged-by
LiteSpeed
Connection
keep-alive
Content-Length
707
google.png
vxf.vn/styles/vxf/
Redirect Chain
  • http://vxf.vn/styles/vxf/google.png
  • https://vxf.vn/styles/vxf/google.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vxf.vn/styles/vxf/google.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
35.247.154.239 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
cp-apac16.hvn.vn
Software
nginx /
Resource Hash
2423762036ba3e959f08d1db2417ce868c1d64e9b8057bc95296fd9b2b7faec8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Mon, 20 May 2013 03:51:30 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":444"; ma=2592000, h3-29=":444"; ma=2592000, h3-Q050=":444"; ma=2592000, h3-Q046=":444"; ma=2592000, h3-Q043=":444"; ma=2592000, quic=":444"; ma=2592000; v="43,46"
content-length
3713
expires
Sun, 23 Apr 2023 11:41:29 GMT

Redirect headers

Date
Sun, 16 Apr 2023 11:41:29 GMT
Server
nginx
vary
User-Agent
Content-Type
text/html
location
https://vxf.vn/styles/vxf/google.png
x-turbo-charged-by
LiteSpeed
Connection
keep-alive
Content-Length
707
rss.png
vxf.vn/styles/vxf/
Redirect Chain
  • http://vxf.vn/styles/vxf/rss.png
  • https://vxf.vn/styles/vxf/rss.png
985 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vxf.vn/styles/vxf/rss.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
35.247.154.239 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
cp-apac16.hvn.vn
Software
nginx /
Resource Hash
d36fe6fb4fcb14093e8f0a9e0eeda1c7ceffea53e58c9ba3c20cbf4f057bffdb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Mon, 20 May 2013 03:51:32 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":444"; ma=2592000, h3-29=":444"; ma=2592000, h3-Q050=":444"; ma=2592000, h3-Q046=":444"; ma=2592000, h3-Q043=":444"; ma=2592000, quic=":444"; ma=2592000; v="43,46"
content-length
985
expires
Sun, 23 Apr 2023 11:41:29 GMT

Redirect headers

Date
Sun, 16 Apr 2023 11:41:29 GMT
Server
nginx
vary
User-Agent
Content-Type
text/html
location
https://vxf.vn/styles/vxf/rss.png
x-turbo-charged-by
LiteSpeed
Connection
keep-alive
Content-Length
707
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
2404:6800:4003:c00::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Apr 2023 11:04:13 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2236
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 16 Apr 2023 13:04:13 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
xenforo-ui-sprite.png
raovat9s.com/styles/default/xenforo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://raovat9s.com/styles/default/xenforo/xenforo-ui-sprite.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1671071920
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1671071920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Thu, 14 Jan 2021 04:30:09 GMT
server
LiteSpeed
etag
"f36-5fffc8d1-66417f19885f8e58;;;"
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
3894
expires
Sun, 23 Apr 2023 11:41:29 GMT
form-button-white-25px.png
raovat9s.com/styles/default/xenforo/gradients/ 		192 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://raovat9s.com/styles/default/xenforo/gradients/form-button-white-25px.png
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1671071920
Protocol
HTTP/1.1
Server
82.180.152.27 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1671071920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
last-modified
Thu, 14 Jan 2021 04:30:08 GMT
server
LiteSpeed
etag
"c0-5fffc8d0-7f0a62cc30387d79;;;"
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
platform
hostinger
Keep-Alive
timeout=5, max=100
content-length
192
expires
Sun, 23 Apr 2023 11:41:29 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 		347 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01a1ac04295dd24c06346da1285d0d3ec243bf15af910cb8895a06d33568f2f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118926
x-xss-protection
0
server
cafe
etag
9610218462670747248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 11:41:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame 918C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
27696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 03:59:53 GMT
etag
2378337311435320485
expires
Sun, 30 Apr 2023 03:59:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
chototvn.net/ 		0
0
all.js
connect.facebook.net/vi_VN/
Redirect Chain
  • http://connect.facebook.net/vi_VN/all.js
  • https://connect.facebook.net/vi_VN/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/all.js
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7cc497afc712e147f8d99a94d7a3106b05361acfd6d42a6d1e055769c87f0006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Apr 2023 11:41:29 GMT
content-md5
AWqGBG982sLxuvv0DZlC/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
gznAE67dY/yUmqRoS8YUuqMTRSyn6mqTGu0nMZxQMoVqs2OJ0uMehBMYJtOjvJRlcnUJHHhrFzElXxmzglAdpg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
x-fb-content-md5
9f110add877e7a8a520ee191b348f3e6
cross-origin-opener-policy
same-origin-allow-popups
etag
"f86642bfaa6aed3bdfcbf9a9b1fa55e2"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 16 Apr 2023 11:56:04 GMT

Redirect headers

Location
https://connect.facebook.net/vi_VN/all.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
plusone.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/js/xenforo/xenforo.js?_v=89ce0400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a8288d99f66b93bccbe2b4ef0f0164344ed771e7ac1bc5f302ea7c08904c00
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Apr 2023 11:41:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"0df31a35b589c8cf"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Apr 2023 11:41:29 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=raovat9s.com&callback=_gfp_s_&client=ca-pub-5381962777152322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6cc3890b49912928016fc11c5e1ea8fd05db32d40efa85eec3bcabae7288ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
integrator.js
adservice.google.com.sg/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.sg/adsid/integrator.js?domain=raovat9s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=raovat9s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B6A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&adk=1934523412&adf=3164131733&lmt=1681645288&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&ea=0&pra=5&wgl=1&dt=1681645289083&bpp=5&bdt=146&idt=197&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7632734845068&frm=20&pv=2&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=224
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efc1aafc351525cbbef6ee248458b01ede570e035974c09636be2d581f6a35a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4715
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1178 		430 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=300&slotname=5159908244&adk=3829738240&adf=3082817838&pi=t.ma~as.5159908244&w=728&lmt=1681645288&format=728x300&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289088&bpp=2&bdt=150&idt=224&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=306&ady=214&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=lz9A0wRmpo&p=http%3A//raovat9s.com&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c05b10c506d2ed0e38a3794b00ad1feecc7b44617b648e5d4cce8d12b73647d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DCA 		430 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=600&slotname=1814380497&adk=3924842593&adf=2771868160&pi=t.ma~as.1814380497&w=250&lmt=1681645288&format=250x600&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289116&bpp=5&bdt=178&idt=208&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1324&ady=2236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EVfVqKfNMM&p=http%3A//raovat9s.com&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37c8ca2c2d2892bf071e88c9c81000a5dc3f204672072f1054fee9c787a5b38e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
208
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=566258867&utmhn=raovat9s.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=k8betco%2...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=566258867&utmhn=raovat9s.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=k8betco%...
35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=566258867&utmhn=raovat9s.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=k8betco%20%7C%20Di%E1%BB%85n%20%C4%91%C3%A0n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20online%2C%20%C4%91%C4%83ng%20tin%20rao%20v%E1%BA%B7t%20mi%E1%BB%85n%20ph%C3%AD%2C%20mua%20b%C3%A1n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20h%C3%A0%20n%E1%BB%99i%2Crao%20v%E1%BA%B7t%20tphcm%2C%20rao%20v%E1%BA%B7t%20c%E1%BA%A7n%20th%C6%A1%2C%20rao%20v%E1%BA%B7t%20ph%C3%BA%20qu%E1%BB%91c%2C%20rao%20v%E1%BA%B7t%20v%C5%A9ng%20t%C3%A0u%2C%20rao%20v%E1%BA%B7t%20qu%E1%BA%A3ng%20ninh%2Crao%20v%E1%BA%B7t%20nam%20%C4%91%E1%BB%8Bnh%2C%20rao%20v%E1%BA%B7t%20l%C3%A2m%20%C4%91%E1%BB%93ng%2C%20rao%20v%E1%BA%B7t%20nhanh%20DI%E1%BB%84N%20%C4%90%C3%80N%20RAO%20V%E1%BA%B6T%20TO%C3%80N%20QU%E1%BB%90C&utmhid=1537476261&utmr=-&utmp=%2Fmembers%2Fk8betco.43049%2F&utmht=1681645289337&utmac=UA-124744901-1&utmcc=__utma%3D134834546.1781877359.1681645289.1681645289.1681645289.1%3B%2B__utmz%3D134834546.1681645289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1619629846&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Server
2404:6800:4003:c00::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 11:41:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=566258867&utmhn=raovat9s.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=k8betco%20%7C%20Di%E1%BB%85n%20%C4%91%C3%A0n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20online%2C%20%C4%91%C4%83ng%20tin%20rao%20v%E1%BA%B7t%20mi%E1%BB%85n%20ph%C3%AD%2C%20mua%20b%C3%A1n%20rao%20v%E1%BA%B7t%2C%20rao%20v%E1%BA%B7t%20h%C3%A0%20n%E1%BB%99i%2Crao%20v%E1%BA%B7t%20tphcm%2C%20rao%20v%E1%BA%B7t%20c%E1%BA%A7n%20th%C6%A1%2C%20rao%20v%E1%BA%B7t%20ph%C3%BA%20qu%E1%BB%91c%2C%20rao%20v%E1%BA%B7t%20v%C5%A9ng%20t%C3%A0u%2C%20rao%20v%E1%BA%B7t%20qu%E1%BA%A3ng%20ninh%2Crao%20v%E1%BA%B7t%20nam%20%C4%91%E1%BB%8Bnh%2C%20rao%20v%E1%BA%B7t%20l%C3%A2m%20%C4%91%E1%BB%93ng%2C%20rao%20v%E1%BA%B7t%20nhanh%20DI%E1%BB%84N%20%C4%90%C3%80N%20RAO%20V%E1%BA%B6T%20TO%C3%80N%20QU%E1%BB%90C&utmhid=1537476261&utmr=-&utmp=%2Fmembers%2Fk8betco.43049%2F&utmht=1681645289337&utmac=UA-124744901-1&utmcc=__utma%3D134834546.1781877359.1681645289.1681645289.1681645289.1%3B%2B__utmz%3D134834546.1681645289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1619629846&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ads
googleads.g.doubleclick.net/pagead/ Frame 3396 		430 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=90&slotname=9630865630&adk=3415836509&adf=940267551&pi=t.ma~as.9630865630&w=728&lmt=1681645288&format=728x90&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289121&bpp=2&bdt=183&idt=220&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=224&ady=23&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=sISbz1unK6&p=http%3A//raovat9s.com&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86857a08d45331bf490d7d065a585df4d9eb9afac0fd8d302ccf9daf73ecd977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
all.js
connect.facebook.net/vi_VN/ 		303 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/all.js?hash=0338dee8cd8a91611f1cfced98120931
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/vi_VN/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bc64ac6ffc20ed10e9efcdd7f7ddbbeec7c46f168be86f94a4bddfa07a1af35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://raovat9s.com/
Origin
http://raovat9s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Apr 2023 11:41:29 GMT
content-md5
eWhINCi8ozswm0DtNBs6hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87061
x-fb-rlafr
0
x-fb-debug
XrXqLrH5AsiQEHWRnWk6oDcay8/B0qcGaKqjie07I3QGQPmydzFAO1NoRkM6eR/26kZ8uqn0gL9sValXkYcZTQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
x-fb-content-md5
dae0f0805053fc099ac8829594991f76
cross-origin-opener-policy
same-origin-allow-popups
etag
"86273a019a0d1835a98bfc067439f793"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 15 Apr 2024 10:50:40 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3CBD 		430 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=600&slotname=8498456564&adk=3420414647&adf=389011487&pi=t.ma~as.8498456564&w=120&lmt=1681645288&format=120x600&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289123&bpp=1&bdt=185&idt=224&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600%2C728x90&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1355&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=VhYYIjnGAw&p=http%3A//raovat9s.com&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6fb59a11a8b1571253df6c41c68c35ab058b8b7112318e70fe6a8f2d3182571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
208
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C6D 		430 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=300&slotname=6091099542&adk=3698524064&adf=2462030970&pi=t.ma~as.6091099542&w=120&lmt=1681645288&format=120x300&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289125&bpp=1&bdt=187&idt=228&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600%2C728x90%2C120x600&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=120&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=kPBr0N4Ccm&p=http%3A//raovat9s.com&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db518a1ade7fcab57ed141685aa2cbab50eb6f59a21fc8623048a73445cc1280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbaf089cc06ec17419fd302c605f0433b611e34b2f727f44a928e1c73f2adbce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 09:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53023
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 09:13:00 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/ 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fad16a3159db34dfea80dce73635ff6e4048a412592fa0c75e96b601e7b7f14d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 09:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36732
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 09:13:11 GMT
/
developers.google.com/ Frame 7EC6
Redirect Chain
  • https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=vi-VN&origin=http%3A%2F%2Fraovat9s.com&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&gsrc=3p&ic=1&j...
  • http://developers.google.com/
  • https://developers.google.com/
  • https://developers.google.com/?hl=zh-tw
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://developers.google.com/?hl=zh-tw
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-KeA6+Euyi23aAdVeiJjHHlqBN2BEU7' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
30220
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-KeA6+Euyi23aAdVeiJjHHlqBN2BEU7' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Sun, 16 Apr 2023 11:41:32 GMT
expires
0
last-modified
Sat, 15 Apr 2023 16:25:11 GMT
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cloud-trace-context
dc21fd0ee992c0d6ed40031751bfcfa2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
166
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-vYu8r6DVuGgtgRD/KDpqY8kbqHUwLC' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type
text/html; charset=utf-8
date
Sun, 16 Apr 2023 11:41:30 GMT
expires
0
location
/?hl=zh-tw
pragma
no-cache
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cloud-trace-context
d6590cd72e42b11dabb638ea18a0ad79
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 088F 		430 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5381962777152322&output=html&h=250&slotname=3312787761&adk=3595721635&adf=284542370&pi=t.ma~as.3312787761&w=970&lmt=1681645288&format=970x250&url=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&wgl=1&dt=1681645289140&bpp=1&bdt=202&idt=238&shv=r20230412&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x300%2C250x600%2C728x90%2C120x600%2C120x300&nras=1&correlator=7632734845068&frm=20&pv=1&ga_vid=1781877359.1681645289&ga_sid=1681645289&ga_hid=1537476261&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=2976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31073585%2C31073761&oid=2&pvsid=561213386206360&tmod=1928380699&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=rPYqi5Rr2J&p=http%3A//raovat9s.com&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaaa73decaf9093d4f94a5e033c9296e8577f28698fba126d27ecf605f2968dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
208
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Sun, 16 Apr 2023 11:41:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
postmessageRelay
accounts.google.com/o/oauth2/ Frame CD5D 		565 B
808 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat9s.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.aLDC6GMfm8E.O%2Fd%3D1%2Frs%3DAHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74614d5bd319a33eb238551facf7e17039d3710901375a61a509201cca724684
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-xOD_45h_xEx93rHvUc6XlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-xOD_45h_xEx93rHvUc6XlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Sun, 16 Apr 2023 11:41:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/o/ Frame CD5D 		0
250 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: raovat9s.com
URL: http://raovat9s.com/members/k8betco.43049/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-WLBeSr_eSZ62-lTPnN7QHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat9s.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.aLDC6GMfm8E.O%2Fd%3D1%2Frs%3DAHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA%2Fm%3D__features__
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 11:41:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-WLBeSr_eSZ62-lTPnN7QHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
611095756-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame CD5D 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat9s.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.aLDC6GMfm8E.O%2Fd%3D1%2Frs%3DAHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4526
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 20:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 07:42:56 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame CD5D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fraovat9s.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.aLDC6GMfm8E.O%2Fd%3D1%2Frs%3DAHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17aad235a1e7bf545aca1a20597546c5f1630159321dedf9b9bda0afe922e83
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Apr 2023 11:41:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"9d3dddb8dfaf87b0"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Apr 2023 11:41:29 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/ Frame CD5D 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.aLDC6GMfm8E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-V7HuaocYnUDmtrz5XseB_5CKBGA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88bbc4ebfcf9a284985af6d84ff1e7cf313314a72ba1e327a8c7ece5d476a621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 12:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20939
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 12:25:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de748979f02f86770f4076a0ec3697dd39377dd6ba9d288ea9dd64b2490c4793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11260
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 8417 		43 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38eb4cb6ec0bb8%26domain%3Draovat9s.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fraovat9s.com%252Ff2c3f4e27d8d9f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&layout=button_count&locale=vi_VN&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=0338dee8cd8a91611f1cfced98120931
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfd0d06c58340716ff718ddc80d488a85eed85eea79ced854f6be18516a57b2d
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 16 Apr 2023 11:41:32 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
f5lNKJmFqyLO8g1vgmbBg2/nf+RYZsu2MHgov7OSBcWp6GykttOG53FBPCesCdytuj7uELxk5ndMN4FtRrc3GA==
x-fb-rlafr
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073761
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 11:41:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65F2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
259840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Apr 2023 11:30:52 GMT
expires
Fri, 12 Apr 2024 11:30:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD7F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2d73e34ec5ecec55c4bb92afe27b61e408d427be2c04f378fe66f7cac6264f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a9QnTAIKjiwK_7zP_TxT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://raovat9s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-a9QnTAIKjiwK_7zP_TxT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 11:41:32 GMT
expires
Sun, 16 Apr 2023 11:41:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
pagead2.googlesyndication.com/bg/ Frame 65F2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 19:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
146172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14294
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Apr 2024 19:05:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=561213386206360&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 65F2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VPl5fw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 8417 		272 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38eb4cb6ec0bb8%26domain%3Draovat9s.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fraovat9s.com%252Ff2c3f4e27d8d9f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&layout=button_count&locale=vi_VN&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:32 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-rlafr
0
x-fb-debug
z4fzzE7rjdHdvZCgPCiP1xFd/Dqv6N8NgdoReu0+JsBMeacmdeLAMq8AsP2m5dFIoE7+VaAIzoQxYFKDUAOgsQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 12 Apr 2024 01:19:34 GMT
XockdfMHEG4.js
static.xx.fbcdn.net/rsrc.php/v3iSa94/yC/l/vi_VN/ Frame 8417 		514 KB
133 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yC/l/vi_VN/XockdfMHEG4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38eb4cb6ec0bb8%26domain%3Draovat9s.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fraovat9s.com%252Ff2c3f4e27d8d9f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=trebuchet%20ms&href=http%3A%2F%2Fraovat9s.com%2Fmembers%2Fk8betco.43049%2F&layout=button_count&locale=vi_VN&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d26804f8da45d4cb63cc3f4b3622f390d337527892248e6931d4cae74144d62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 11:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HAn46zMbtyKTMBVpv8L3vA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136101
x-fb-rlafr
0
x-fb-debug
6ZS5b72gX3RzLTB/+OgiXIdzfAjFuLpy7dxyOCychl1DiFFymBc0vFDemgOpStxKK4Aq93fOH40HniY4ylD5DQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 13 Apr 2024 05:45:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=561213386206360&bg=!WlmlWQ3NAAZA7GLoYOw7ADkAdvg8WqAGE6S8YvVc0hEl8bgjgh0u1aHE8K-TXjXN1H_A5AiAkP60B398tFRYUM_KwPK3wl0NAIcCAAAAVVIAAAACaAEHCgCUlc2WQYuaSG77mYFF06yn-rkTEClh_GKh2C5Wo0oR4vyMLjB88F8vm9eRAIWcrR5getfaAm6T-JOELybaueTZI3uLJWsOfzWsSSfQYhTASIgSnKWQE0sz-0ChcVBqfJoTBMofYxnpEXLbk1G1cx5r1gcfu-kYISr9jrbFr6JEqIDvv-tyrOWdZmsNGqLvLKPJgl7DWJkC6jfw4lhcRq6AEhwiJn4k2RGqSiMN_RxbaFy1-2kzwS9xaJf55oOWH2SH7Rw0y2yH9NWGqu_ltgAy_f-a-01NaJOXaVZKjYCuS_1ZrE5AOHALubtRvU9M0MdLzvWXMxKU52wuKiD0uGCo4FUvbCXLIKAITrtqVVPtv9dnjkCN10F5LLQVVkWo-1Snq-eHzp7kW-BhwNO9SXL3uvmR5cwVpE-dpSwIQTBaTl45Zn5u2QRGife5tCiT89dHuJPlcBSL7nxE6E9_KTggwVCHRCrVds2xhTlhFcMtrHtfn-8ocoACu5dO4lFQL_u32bXIyr9MTMDfNtvGLX2Q-72FX5L0WC5K-wfrAS_K0HnfNCpllghGCpoWZ2rcidsBI3j-SHhid-5FY9TFMe9pArztHQ7Hfdiw8jJOALbQygEsfs5IP68h5JvoUBVbp24usjhfQnSCnyFETpumow_D8cXVcmzbCeimV5JlXJ6Ahg_z7FjH5q6yGnen5wpXepNDX_soQBafO2c9-S9er7uvyvw8QR3kKNYKBXieQ1satIMn1nxnsSJW8fwYzZLxr4WqT8Cxul6p7CaZHmisgXf33X6VQ-RPETmDrlOpM-DgcUMAofyjBUS9Zt8juGWNhZz4KIdcaUaWzEaNsd9j0eh8Ws_V_w1rpVlUs45XryHCeJ3FwbYktTH-h7qcr9garkMDdpXQcHQkvW1cTZdFI95iL_Yf_U3IqtNyltZArqe-oRl6pFKToPxW0zg34mUpo8Z-uvPikljLqHxvsZUOo3erEFD21tgUJ3rRRwkmL8_aVFfss9GWAKapUKFCI6_NisxbvzXarEOatfBUTbCnrCXNrY-6W26iGYDSbgBXx6H0HqC9Jsl3HG02m_n_1uGqXblv14ICACkyt47Cza58TTt7GPjpxVQFiVHza24BHElllr2v_E_v2_-kuZlWPnc8YBrdLkq3_6W0Nkkcb4N2YPzCoot3JU39sL-EN59JOFtwVQi5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://raovat9s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chototvn.net
URL
http://chototvn.net/

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| _b string| _bH object| _gaq function| $ function| jQuery object| XenForo object| jQuery110205396604168416388 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter function| FloatTopDiv function| ShowAdDiv number| MainContentW number| LeftBannerW number| RightBannerW number| LeftAdjust number| RightAdjust number| TopAdjust number| startLX number| startLY number| startRX number| startRY function| stayTopLeft object| ftlObj object| ftlObj2 function| fbAsyncInit object| api object| ___gcfg function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _gat object| FB object| gapi object| ___jsl object| ___gu object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __buffer object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
raovat9s.com/ Name: xf_session
Value: 9178d9261bd02d5ef57d7b17cde12602
.raovat9s.com/ Name: __utmc
Value: 134834546
.raovat9s.com/ Name: __utmz
Value: 134834546.1681645289.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.raovat9s.com/ Name: __utmt
Value: 1
.raovat9s.com/ Name: __utma
Value: 134834546.1781877359.1681645289.1681645289.1681645289.1
.raovat9s.com/ Name: __utmb
Value: 134834546.1.10.1681645289
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.raovat9s.com/ Name: __gads
Value: ID=945bd63aa16f4f50-2295055aadde001d:T=1681645289:RT=1681645289:S=ALNI_MaWjIHHpt-AjwvSvRIh83SAGzUfZQ
.raovat9s.com/ Name: __gpi
Value: UID=00000bf614ba2963:T=1681645289:RT=1681645289:S=ALNI_MYD3Pge_nPhsZTlT7VPao-yPGqi2A

3 Console Messages

Source Level URL
Text
network error URL: http://chototvn.net/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.com.sg
apis.google.com
chodichvu.vn
chototvn.net
connect.facebook.net
developers.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
raovat9s.com
ssl.gstatic.com
static.xx.fbcdn.net
tpc.googlesyndication.com
vxf.vn
www.facebook.com
www.google-analytics.com
www.google.com
chototvn.net
2404:6800:4003:c00::65
2404:6800:4003:c02::9b
2404:6800:4003:c02::9c
2404:6800:4003:c03::54
2404:6800:4003:c03::84
2404:6800:4003:c03::9a
2404:6800:4003:c04::5e
2404:6800:4003:c04::64
2404:6800:4003:c04::65
2404:6800:4003:c04::71
2404:6800:4003:c05::9b
2404:6800:4003:c06::9b
2404:6800:4003:c0f::68
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
35.247.154.239
82.180.152.27
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
01a1ac04295dd24c06346da1285d0d3ec243bf15af910cb8895a06d33568f2f4
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d26804f8da45d4cb63cc3f4b3622f390d337527892248e6931d4cae74144d62
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5
2423762036ba3e959f08d1db2417ce868c1d64e9b8057bc95296fd9b2b7faec8
25f88689138773380e7ca6b18402cd95f751c61c99e5ef08c496431c4c905761
2f8c1ffa904116d664d76e3606bf04a25b3c15c8a9437c64332f2de4f53a716a
37c8ca2c2d2892bf071e88c9c81000a5dc3f204672072f1054fee9c787a5b38e
3bc64ac6ffc20ed10e9efcdd7f7ddbbeec7c46f168be86f94a4bddfa07a1af35
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d17cb62f97cffefb2d9a1c902af1c8cc9cb7ce5f7352427e6db10ef2af7c0e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac
6c05b10c506d2ed0e38a3794b00ad1feecc7b44617b648e5d4cce8d12b73647d
74614d5bd319a33eb238551facf7e17039d3710901375a61a509201cca724684
7b5f61daeff8566e172c4d6e7039e5cfaf9cc2b1a38f8aaa4b7a22e1cff352fe
7cc497afc712e147f8d99a94d7a3106b05361acfd6d42a6d1e055769c87f0006
801618d0c351afd3be78850468a3d2c5debbfeb9a7f485aaa997dd3dfe267932
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86857a08d45331bf490d7d065a585df4d9eb9afac0fd8d302ccf9daf73ecd977
874aac447b4ff283980b3f189bb824ebaa59c5e4bc4a65495ed332c6cd2a26e5
88bbc4ebfcf9a284985af6d84ff1e7cf313314a72ba1e327a8c7ece5d476a621
8c9eae661eb2bde9b31a2d365e32092d6ac52c224092fd9d34f05d314a6ab567
8e3e7c93cd94071401ef5a10a76da0d1ffc67fb834d738d3ef8020898714f2c4
98c7d7f8e6e3c4f3cc6586ba73114ccfee4a672cc298509b469bae526df74aeb
a3d8ff57c62fdd31ab668687d31c8fc035028008616140c4b006ae3c7004f55f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6cc3890b49912928016fc11c5e1ea8fd05db32d40efa85eec3bcabae7288ce2
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
ae29b68ec33ea1db88a4c3a1f23e659ef7819816c416f0028791b9555492356e
b2689ae4331f00e246726fe8cb38c40fde8647d1d0afb73a2df11233ff488e88
b3a8288d99f66b93bccbe2b4ef0f0164344ed771e7ac1bc5f302ea7c08904c00
c17aad235a1e7bf545aca1a20597546c5f1630159321dedf9b9bda0afe922e83
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d2d73e34ec5ecec55c4bb92afe27b61e408d427be2c04f378fe66f7cac6264f7
d36fe6fb4fcb14093e8f0a9e0eeda1c7ceffea53e58c9ba3c20cbf4f057bffdb
d6fb59a11a8b1571253df6c41c68c35ab058b8b7112318e70fe6a8f2d3182571
d79577508510051edcbd95ab4ec9e9a633e1a847ad4271ef220a8f4919255b3c
db518a1ade7fcab57ed141685aa2cbab50eb6f59a21fc8623048a73445cc1280
db9e3600061a5340d8aecbfad949b4c82cb427c1b5c4844a94ccf3f6a072c948
dbaf089cc06ec17419fd302c605f0433b611e34b2f727f44a928e1c73f2adbce
de5e22ada037ab3fe00d97fbec20abbcee30c81c29aacdf4b6e099fea0837850
de748979f02f86770f4076a0ec3697dd39377dd6ba9d288ea9dd64b2490c4793
dfd0d06c58340716ff718ddc80d488a85eed85eea79ced854f6be18516a57b2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8adee5f35febbaab57760e6f01748876c5372f228dbcc4934209a27a92296a3
e95bc8bb95b8a4fbb83172407815a497e27a202f72c6831684a4fab11dcac922
eaaa73decaf9093d4f94a5e033c9296e8577f28698fba126d27ecf605f2968dc
efc1aafc351525cbbef6ee248458b01ede570e035974c09636be2d581f6a35a4
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
f6ebe38907d5529d2b663ff996870ad7e260b2db0870866c54ce7fb976138bac
fad16a3159db34dfea80dce73635ff6e4048a412592fa0c75e96b601e7b7f14d