ngayqua.com Open in urlscan Pro
172.67.166.111  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response ngayqua.com/	65 KB 13 KB	1095ms 1056ms	Document text/html	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49451b0ebecbf01d79d25a9aef36bdfa304e553b715d42ef0738f27a98238d81 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-origin * cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 8c7771f82fd010c1-CPH content-encoding br content-type text/html; charset=UTF-8 date Mon, 23 Sep 2024 03:28:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkJpmGP0MIZQMjtxlAOcwdC3xFG7oo4ouD7Kl%2BDyL9%2FW6hC09btwUrhYkvrULtFwCvr%2BTtAolQjCVy%2BcH3XxWyhUltaF4Umu9hKeUlqot4xG6WV0dhAeWIuvev83Pg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H3	200	speculation ngayqua.com/cdn-cgi/	128 B 534 B	29ms 29ms	Other application/speculationrules+json	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsLzXmKsrK9aUcpJNIoCUEvDPyX8KG1MDJgAhyMvmyHNSZBLYxTCp8ILY0RVSlbZHkR4izBZVL79SWMYOCyHhiZS5UjT1A569xdp1Zlkr%2FdOEuh0lm%2B1YuEByAvntA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771fec9bb10c1-CPH access-control-allow-origin https://ngayqua.com content-length 128 date Mon, 23 Sep 2024 03:28:33 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	app.css ngayqua.com/themes/tinhte/public/css/	589 KB 105 KB	95ms 95ms	Stylesheet text/css	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/themes/tinhte/public/css/app.css?v=1726025138 Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f88d34a78d682e1e8d6a3a69e6e3655188f85e600a67e0451fa1ab87aa2533f2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66b32b32-9320f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJKP5IwwyTpUQb3nh32UqoRAwUZ26EwHQs8VkhU594HalzXi5ARwZoGnxU9IK0HECsvcyrz%2BWBw%2FTgu%2B8KoSw7DKzv58ovWwRbYYWH98cZCPAzJWoqZgdH%2FOD%2Bsxjw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771fec9bc10c1-CPH expires Wed, 23 Oct 2024 03:28:33 GMT date Mon, 23 Sep 2024 03:28:33 GMT content-type text/css last-modified Wed, 07 Aug 2024 08:07:14 GMT vary Accept-Encoding server cloudflare
GET H3	404	chuan-1695636568.png ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/	5 KB 5 KB	412ms 411ms	Image text/html	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/chuan-1695636568.png?ver=1726025138 Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf46fa6561bc4f79e632235240d03bb0289212091b32643efe3381eab7332ba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status BYPASS speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6gKtTFk2O%2FsfFgksS7FtuTmGuF8IcVOgT01CTy2wY0jsatS8v9K7bMyzz7ZFBwuDWWbGP%2BsuC9MC9hFJ4xxH0Dz%2F%2FaZIRYLhputdLPddWfsp1JRK%2BW64kwFvSg7HA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771fec9bd10c1-CPH access-control-allow-origin * date Mon, 23 Sep 2024 03:28:33 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H2	200	esim-technology-concept-with-smartphone--embedded-sim-the-next-gen-of-sim-cards--vector_1407823.png!w700wp img.pikbest.com/png-images/	19 KB 19 KB	312ms 254ms	Image image/webp	104.18.26.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.pikbest.com/png-images/esim-technology-concept-with-smartphone--embedded-sim-the-next-gen-of-sim-cards--vector_1407823.png!w700wp Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.9 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b8a5e1845e45bdb8e666dd5f843f5a35c4d983747c50eb677753cacfeaf20e1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers access-control-max-age 86400 x-request-id 761a274299e95ac6097f98ea79c794fe cf-cache-status HIT etag "f9622383612f6fb40e58da4f87e1a1da" access-control-allow-methods GET, HEAD, POST, PUT, DELETE, OPTIONS expires Fri, 28 Mar 2025 03:28:33 GMT date Mon, 23 Sep 2024 03:28:33 GMT content-type image/webp last-modified Wed, 29 Dec 2021 10:06:08 GMT vary Accept-Encoding cache-control public, max-age=16070400 x-source U/200, G/200 via T.165.H, V.pcw-cn-hkg-165, T.132.N, M.gtt-de-fra2-132 cf-ray 8c7771ff2b176a77-TXL accept-ranges bytes access-control-allow-origin * content-length 19076 server cloudflare
GET H2	200	AVA-LONGBEACH-5-1.jpg longbeachpearl.com/wp-content/uploads/2023/11/	54 KB 54 KB	2373ms 549ms	Image image/jpeg	103.77.160.17 SUPERDATA-AS-VN S...
General Check archive.org Show headers Download Go to Show image Full URL https://longbeachpearl.com/wp-content/uploads/2023/11/AVA-LONGBEACH-5-1.jpg Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.77.160.17 , Viet Nam, ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN), Reverse DNS Software LiteSpeed / Resource Hash bab9ff4919955311a630498e54e1f919bfa78a54d345b50990144765d3183d70 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control public, max-age=604800 etag "d620-65a85d95-a7bdc27eb6439b1a;;;" expires Mon, 30 Sep 2024 03:25:28 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 54816 date Mon, 23 Sep 2024 03:25:28 GMT content-type image/jpeg last-modified Wed, 17 Jan 2024 23:07:01 GMT server LiteSpeed vary User-Agent
GET H3	404	trang-1695636674.png ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/	5 KB 5 KB	824ms 824ms	Image text/html	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/trang-1695636674.png?ver=1726025138 Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6511661340d336f5aa9d70b8e41e8a64319422a723bec02a3597cda64c199836 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status BYPASS speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOOyz1QOwieL28rjIf5RUpnFBGqBZQpGCB7OZ41SLdqK3sjA4ZcmxS6eZICU0XpVIy4B6ltkGL%2BF31Gp3HKt4qsLmRBvn1HMhk81eOW4DpigdtfrU1BLdSFuT08yxw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771ffca0f10c1-CPH access-control-allow-origin * date Mon, 23 Sep 2024 03:28:34 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare
GET H3	200	email-decode.min.js Show response ngayqua.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	28ms 27ms	Script application/javascript	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers x-frame-options DENY nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=172800, public content-encoding gzip etag W/"66e7fb1c-4d7" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S35m%2FzMz0o%2BY49FFcOHSH1U5ze%2BA2z7VkMXeaYmNBjrog1zR8QAwb2%2B%2BdTIF92L3z0Tvo9mLu3bnUyddPQV0XjJoYUpPDk%2FagRyxqr35coHtCr14OXPSI2BT8YFhcg%3D%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff cf-ray 8c7771ffca0d10c1-CPH expires Wed, 25 Sep 2024 03:28:33 GMT date Mon, 23 Sep 2024 03:28:33 GMT content-type application/javascript last-modified Mon, 16 Sep 2024 09:32:12 GMT server cloudflare vary Accept-Encoding
GET H3	200	app.js Show response ngayqua.com/themes/tinhte/public/js/	467 KB 136 KB	113ms 113ms	Script application/javascript	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/themes/tinhte/public/js/app.js?ver=1726025138 Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2817270736d1db78da7fb637c7dbb96cf314939c24d64a432284eac5bb9417a5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66b32b32-74a64" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FjqbuY9ktMIMvCWLc3JKUkTu0rPbFFJh9FI4NFaZ3gKIo3kXgesH5Gcz2ay%2Bor6UwW5xPW5poC11Q%2FZGiwqtdwNO%2FdH6v3tawHEQsKX3va4hGEleYmDmk6frFP2GIw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771ffca0e10c1-CPH expires Wed, 23 Oct 2024 03:28:33 GMT date Mon, 23 Sep 2024 03:28:33 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 07 Aug 2024 08:07:14 GMT vary Accept-Encoding server cloudflare
GET DATA	200 OK	truncated /	217 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 929fca0851608150592e5854ea93d696951da414e19be4ef5f863947f5a623bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H2	200	fa-regular-400.woff2 pro.fontawesome.com/releases/v5.15.1/webfonts/	170 KB 170 KB	638ms 581ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.15.1/webfonts/fa-regular-400.woff2 Requested by Host: ngayqua.com URL: https://ngayqua.com/themes/tinhte/public/css/app.css?v=1726025138 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers access-control-max-age 3000 cf-cache-status MISS etag "f3beba98d10f221fd533c55345fc6823" access-control-allow-methods GET date Mon, 23 Sep 2024 03:28:33 GMT content-type font/woff2 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified Mon, 28 Jun 2021 17:19:52 GMT x-amz-id-2 uUrPmby0GXScltiKVqJtXmq9KrJR+1RJgAw22cFC0aVmlU4rlm6T4pJOOTrNL3XpaMTqVaQshAE= cache-control max-age=31556926 x-amz-request-id XPCWC832AGCXS7WX cf-ray 8c77720048b44534-TXL accept-ranges bytes access-control-allow-origin * content-length 173596 server cloudflare
GET H2	200	fa-solid-900.woff2 pro.fontawesome.com/releases/v5.15.1/webfonts/	138 KB 138 KB	605ms 548ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2 Requested by Host: ngayqua.com URL: https://ngayqua.com/themes/tinhte/public/css/app.css?v=1726025138 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers access-control-max-age 3000 cf-cache-status MISS etag "25d740d42658b6e2c293ce7b3322aac7" access-control-allow-methods GET date Mon, 23 Sep 2024 03:28:33 GMT content-type font/woff2 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified Mon, 28 Jun 2021 17:19:52 GMT x-amz-id-2 E29EUBJtE6UWeXnB3kl/q4dVO4MCSQSdbs0jD+FHyMkLrhSutPX4yKZgQMKep9UH3FDjIetjgZY= cache-control max-age=31556926 x-amz-request-id XPCPJQ1HMQ2RJKFX cf-ray 8c77720058ba4534-TXL accept-ranges bytes access-control-allow-origin * content-length 140996 server cloudflare
GET H3	200	Lato-Bold.woff2 ngayqua.com/frontend/fonts/Lato-Bold/	175 KB 175 KB	131ms 131ms	Font font/woff2	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/frontend/fonts/Lato-Bold/Lato-Bold.woff2 Requested by Host: ngayqua.com URL: https://ngayqua.com/themes/tinhte/public/css/app.css?v=1726025138 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc8d96fe9d7088bb0d1a537d40d5576c81c458dbd7cfad97a832634462a2de77 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/themes/tinhte/public/css/app.css?v=1726025138 Response headers cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6688bcb2-2ba68" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xn5Rz4o2%2BLJLuIaiJUtfU1FKKP5PvGOlnzIgXkJsJbOKqt8CvoYT2M7eOfWfOwIbspX1bd6qUMhAk9YlweXVtaUF5yEoLENIVgnujLEhkpIRYtXtycHVXpBrhVkr6w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771fffa1a10c1-CPH expires Wed, 23 Oct 2024 03:28:33 GMT accept-ranges bytes content-length 178792 date Mon, 23 Sep 2024 03:28:33 GMT content-type font/woff2 last-modified Sat, 06 Jul 2024 03:40:34 GMT vary Accept-Encoding server cloudflare
GET H2	200	fa-brands-400.woff2 pro.fontawesome.com/releases/v5.15.1/webfonts/	77 KB 77 KB	523ms 467ms	Font font/woff2	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2 Requested by Host: ngayqua.com URL: https://ngayqua.com/themes/tinhte/public/css/app.css?v=1726025138 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers access-control-max-age 3000 cf-cache-status MISS etag "ff496de99efc36ce4f6f1e611ada7e65" access-control-allow-methods GET date Mon, 23 Sep 2024 03:28:33 GMT content-type font/woff2 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified Mon, 28 Jun 2021 17:19:51 GMT x-amz-id-2 qA9avp/3QGQDoJTMkkylEF4pUnDkNS0xoFwCvooctHuZZ77UHF8lEvZdniEFll6T+0/e6vzF1/A= cache-control max-age=31556926 x-amz-request-id XPCQCX5YAN5F5X2B cf-ray 8c77720048b74534-TXL accept-ranges bytes access-control-allow-origin * content-length 78464 server cloudflare
GET H3	200	roboto_regular.woff2 ngayqua.com/frontend/fonts/roboto_regular/	44 KB 45 KB	134ms 133ms	Font font/woff2	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/frontend/fonts/roboto_regular/roboto_regular.woff2 Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 700fd526c6e0f2f766efab9679cce63e5e3b444910585dfe0c4eb60801673599 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "6688bcb2-b188" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JABglfN9Rvmavnm73ahYjtHmSr%2B0PdmUX%2Bhl%2FJhx7d%2BofQ2srPDmxNuiw9sZXhGoH8ztkkYwytExxXF8GUlm%2BEpkuZpkLFxUQksGDiAoqVRJ0LPl8Vqm9x7e8Ts2g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7771fffa1b10c1-CPH expires Wed, 23 Oct 2024 03:28:33 GMT accept-ranges bytes content-length 45448 date Mon, 23 Sep 2024 03:28:33 GMT content-type font/woff2 last-modified Sat, 06 Jul 2024 03:40:34 GMT vary Accept-Encoding server cloudflare
GET H3	200	1848_hinh_nen_co_bon_la__67_.jpg mega.com.vn/media/news/	30 KB 30 KB	799ms 756ms	Image image/jpeg	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mega.com.vn/media/news/1848_hinh_nen_co_bon_la__67_.jpg Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4faf82a09579b4c68b14bc41b1af44ca8683317b84c05ba8ca410f05a747ea0d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control max-age=315360000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "62a6ece5-763d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSctJu8mrwtRnZ8Jg7SXlWwQXskktO9sVrdf493DTUi1IeCn6cDu2DAjMVj8aIbWuRrQkSciw6ZPchiQQwYU%2FRiP4mVgjH22WA4NxhQzRg%2FQ5unW1xQZdH8S5WTSOg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c7772014eb3930b-CPH expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes content-length 30269 date Mon, 23 Sep 2024 03:28:34 GMT content-type image/jpeg last-modified Mon, 13 Jun 2022 07:53:09 GMT vary Accept-Encoding server cloudflare
GET H2	200	2f9dcc85e96abe491f3e7053e08465f0.jpg hinhdep.com.vn/wp-content/uploads/2024/05/	60 KB 60 KB	868ms 202ms	Image image/jpeg	143.42.78.29 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://hinhdep.com.vn/wp-content/uploads/2024/05/2f9dcc85e96abe491f3e7053e08465f0.jpg Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.42.78.29 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 143-42-78-29.ip.linodeusercontent.com Software nginx / Resource Hash 873d9acf5bc90c6df83ddfe918a0799de485cfd6dc2e80e39da4a6c769a4c35d Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control max-age=31536000 etag "66539fe4-f012" x-content-type-options nosniff, nosniff expires Tue, 23 Sep 2025 03:28:34 GMT accept-ranges bytes content-length 61458 date Mon, 23 Sep 2024 03:28:34 GMT x-xss-protection 1; mode=block content-type image/jpeg last-modified Sun, 26 May 2024 20:47:32 GMT server nginx x-frame-options SAMEORIGIN
GET H2	200	pngtree-c4d-yellow-lottery-turntable-png-image_4153127.png png.pngtree.com/png-clipart/20220111/ourmid/	78 KB 79 KB	1262ms 1210ms	Image image/jpg	2606:4700::6812:29d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://png.pngtree.com/png-clipart/20220111/ourmid/pngtree-c4d-yellow-lottery-turntable-png-image_4153127.png Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:29d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb520c848036333d8bd97875142a23434edbabe79ee649ee3aae014d9e470430 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cf-ray 8c7772014ca46a75-TXL cache-control public, max-age=16070400 cf-bgj h2pri etag "39714f7ad4a5e2fbc0b552fdc4a98ad7" cf-cache-status HIT x-amz-request-id 3CPQSGA774VG0888 expires Fri, 28 Mar 2025 03:28:34 GMT accept-ranges bytes content-length 80117 date Mon, 23 Sep 2024 03:28:34 GMT content-type image/jpg last-modified Tue, 11 Jan 2022 19:18:02 GMT vary Accept-Encoding server cloudflare x-amz-id-2 3jH7O9mQbSZG3jcb4PNekavoJuHXb51+Iv2wrkRnXk6N3ggKkCIPQ/XrMwzKVNjK4V/VvuLM9Wg=
GET H2	200	pngtree-colorful-halloween-pumpkin-with-autumn-tree-png-image_13699687.png png.pngtree.com/png-vector/20240922/ourmid/	192 KB 193 KB	1425ms 1373ms	Image image/png	2606:4700::6812:29d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://png.pngtree.com/png-vector/20240922/ourmid/pngtree-colorful-halloween-pumpkin-with-autumn-tree-png-image_13699687.png Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:29d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bd6453d88b6e166a6b5847b2b243f28f1a806c4b316809696cd676d870c2130 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers x-amz-id-2 SJoeIJK7V02rPLcyvRMsfEvA6jIM5vIFRXi13R02zsyMlb2Zh9HDtSSyx5BTSrRbcwcIlGWcSJg= cache-control public, max-age=16070400 cf-ray 8c7772014ca96a75-TXL cf-cache-status MISS etag "a695a7690b4464bbe7f5c45837501019" x-amz-request-id R7N2116T2ZRY5QR0 expires Fri, 28 Mar 2025 03:28:34 GMT accept-ranges bytes content-length 196753 date Mon, 23 Sep 2024 03:28:34 GMT content-type image/png last-modified Sun, 22 Sep 2024 23:48:39 GMT vary Accept-Encoding server cloudflare x-amz-server-side-encryption AES256
GET H2	200	71585.jpg gcs.tripi.vn/public-tripi/tripi-feed/img/473970geC/	5 KB 6 KB	398ms 309ms	Image image/jpeg	2400:52e0:1e00::1049:1 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://gcs.tripi.vn/public-tripi/tripi-feed/img/473970geC/71585.jpg Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash d76e85e47a82017c01482a4893b945caf534bcddd0fb8ffcd7547f4085997ba6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cdn-status 200 etag "65dc8eb1-14b7" cdn-fileserver 780 date Mon, 23 Sep 2024 03:28:33 GMT cdn-storageserver SG-515 content-type image/jpeg last-modified Mon, 26 Feb 2024 13:14:25 GMT cdn-cachedat 09/23/2024 03:28:33 cdn-cache MISS cdn-requestpullcode 200 cache-control public, max-age=31919000 cdn-requestpullsuccess True cdn-uid 997b7c59-5e69-404c-907e-2b883550ed60 cdn-requestid 84050984a4bad48a2e3915171eff6cee cdn-pullzone 1519349 cdn-proxyver 1.04 accept-ranges bytes content-length 5303 cdn-edgestorageid 722 perma-cache HIT server BunnyCDN-DE1-1049 cdn-requestcountrycode DE
GET H3	200	sdk.js Show response connect.facebook.net/vi_VN/	3 KB 2 KB	74ms 34ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk.js Requested by Host: ngayqua.com URL: https://ngayqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash ac5b0659c5630105b5494bb00da7fe8e56e1faabdfe3bb436ea83b58cab964fb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers content-md5 1awtCmM08ErTTaO8tCDpWA== access-control-expose-headers X-FB-Content-MD5 content-encoding gzip etag "c79323a3996efe69967de21ade3aea42" report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Mon, 23 Sep 2024 03:31:28 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=1200s date Mon, 23 Sep 2024 03:28:36 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-content-md5 c637ca3979e8b98801079ecb8f6c14bf cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4442, tp=9, tpl=0, uplat=4, ullat=-1 x-fb-debug cOr6rIep45CV2RzThPPDcBjecAEu7eJjrcu4jUAi3WI6m5sVrSYfkMr0UW54QSA2v48+KIJy7LHtzwynTPjivw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top access-control-allow-origin * content-length 1686 origin-agent-cluster ?0
GET H3	200	sdk.js Show response connect.facebook.net/vi_VN/	283 KB 81 KB	32ms 32ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk.js?hash=d5ae9dc57e2336059e078ebea3f015f2 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 6dc8bf12c87afe947a9f7039792d06f9efadab42ae802018eefe3ea93d26a6f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://ngayqua.com Referer https://ngayqua.com/ Response headers content-md5 UPZz3S57B9ccwVfNO5cJgQ== access-control-expose-headers X-FB-Content-MD5 content-encoding gzip etag "bb6647876035bfb8574bb20f79a0d328" report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Tue, 23 Sep 2025 01:57:15 GMT alt-svc h3=":443"; ma=86400 date Mon, 23 Sep 2024 03:28:36 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-content-md5 037891cd70474ebcc4bde325c5b4a7ca cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality EXCELLENT; q=0.9, rtt=27, rtx=0, c=26, mss=1232, tbw=8298, tp=14, tpl=0, uplat=3, ullat=-1 x-fb-debug vzxvTEq9ipM76jkuIpoePu4yatoVkSLEpKpG2gasdIL9EH8LmRx/Z79skiNSCnogQvbLP5wNlIc2tuUqLlZrRw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top access-control-allow-origin * content-length 82674 origin-agent-cluster ?0
GET H2	200	page.php www.facebook.com/v11.0/plugins/ Frame 3789	0 0	475ms 414ms	Document text/html	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&app_id=2503419203077231&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b249bed23a8670c%26domain%3Dngayqua.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fngayqua.com%252Ffe1216f5fd5a00ef3%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fnhanh3s&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width= Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk.js?hash=d5ae9dc57e2336059e078ebea3f015f2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ngayqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding zstd content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none;report-to="coop_report" cross-origin-resource-policy cross-origin date Mon, 23 Sep 2024 03:28:37 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v15.0 origin-agent-cluster ?0 permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" pragma no-cache report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417675308513077732"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417675308513077732", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2787, tp=-1, tpl=-1, uplat=384, ullat=0 x-fb-debug VmLJwco+J6ULlu1q6iKD/l7Z2VvndXdBnorUu5eA7M7DjvvSDYhQobBN8fykdyq9Jm+iGrloHiRUg6/KT5Dw2g== x-xss-protection 0
GET H3	404	icon-1695636639.png ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/	47 KB 10 KB	420ms 420ms	Other text/html	172.67.166.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/icon-1695636639.png?ver=1726025138 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.166.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c99d9db4e81f98bfe8fd54e58979b2438e575f341ea2ccffe1772056bd5b7104 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ngayqua.com/ Response headers cache-control no-cache, private nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status BYPASS speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSDedMp%2B56k9WMQ83jVL2a9aj26bksNo%2FHFm6F7hXrkx48YNH8XRN5r6ZugGFEttIKNYA%2Fhln1NQRik8WmYQB9cH0ZrJNZXWcVZrbcSTuNV422OU67rrhgu0K6vy6g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c77721b290710c1-CPH access-control-allow-origin * date Mon, 23 Sep 2024 03:28:38 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| WN_Data function| triggerScriptLoader function| loadScripts function| Waypoint function| $ boolean| mCustomScrollbar function| LazyLoad object| toastr object| lazyLoadInstance function| viewModePC object| cookiePopup function| refrClock function| timeClock object| Toc object| FB object| __buffer

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ngayqua.com/	1970-01-20 23:44:29	Name: 127001_session Value: eyJpdiI6ImhmQW05RllNVkF4eEtrRmNzVXpEbHc9PSIsInZhbHVlIjoiUktzQXNKQ0JkU1o1dmp3NmxrcS9JL3VuV281SnNRQlk0dllCczJSa0JPbmF3ejlzbGpHOEcyb0laTmp5aFFqNEg0R3MyeEZkaERJZjFwTWlpdW1JUkE3OXlUd1ZnZUVXYzdzUGQzbmZkbXVjQzBLNkVmcFl6dlhJdGJEd3dUSHUiLCJtYWMiOiJhMDQ5N2Q3MmMxNWI5OTQ4MDA5MWQ5NWU2OGY4ODhmMjRiZWYzNGM0YjNiZWVmZjExMDYyMjY3NmNjMzM1YTgxIiwidGFnIjoiIn0%3D
			.pngtree.com/	1970-01-20 23:44:23	Name: __cf_bm Value: RJIF5luzyA6C14zyLtGCvlbGZ5XEdE.8fxuAkQo6vrU-1727062114-1.0.1.1-cULwTAliaNtey0OjF2XC2DEm3.oL68S2PFbw_8MkD6eu51j4m_P9DdhdOc.NJfkl.BuXhK2Fas0xkh1BCWBMMw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ngayqua.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/chuan-1695636568.png?ver=1726025138 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/trang-1695636674.png?ver=1726025138 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ngayqua.com/uploads/images/setting/huyhoang/2023/09/25/icon-1695636639.png?ver=1726025138 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
gcs.tripi.vn
hinhdep.com.vn
img.pikbest.com
longbeachpearl.com
mega.com.vn
ngayqua.com
png.pngtree.com
pro.fontawesome.com
www.facebook.com
103.77.160.17
104.18.26.9
143.42.78.29
157.240.0.6
172.67.166.111
188.114.97.3
2400:52e0:1e00::1049:1
2606:4700:4400::6812:2844
2606:4700::6812:29d
2a03:2880:f177:185:face:b00c:0:25de
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2817270736d1db78da7fb637c7dbb96cf314939c24d64a432284eac5bb9417a5
49451b0ebecbf01d79d25a9aef36bdfa304e553b715d42ef0738f27a98238d81
4bd6453d88b6e166a6b5847b2b243f28f1a806c4b316809696cd676d870c2130
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
4faf82a09579b4c68b14bc41b1af44ca8683317b84c05ba8ca410f05a747ea0d
59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0
6511661340d336f5aa9d70b8e41e8a64319422a723bec02a3597cda64c199836
6dc8bf12c87afe947a9f7039792d06f9efadab42ae802018eefe3ea93d26a6f6
700fd526c6e0f2f766efab9679cce63e5e3b444910585dfe0c4eb60801673599
7b8a5e1845e45bdb8e666dd5f843f5a35c4d983747c50eb677753cacfeaf20e1
873d9acf5bc90c6df83ddfe918a0799de485cfd6dc2e80e39da4a6c769a4c35d
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
929fca0851608150592e5854ea93d696951da414e19be4ef5f863947f5a623bd
ac5b0659c5630105b5494bb00da7fe8e56e1faabdfe3bb436ea83b58cab964fb
bab9ff4919955311a630498e54e1f919bfa78a54d345b50990144765d3183d70
c99d9db4e81f98bfe8fd54e58979b2438e575f341ea2ccffe1772056bd5b7104
ccf46fa6561bc4f79e632235240d03bb0289212091b32643efe3381eab7332ba
d76e85e47a82017c01482a4893b945caf534bcddd0fb8ffcd7547f4085997ba6
dc8d96fe9d7088bb0d1a537d40d5576c81c458dbd7cfad97a832634462a2de77
f88d34a78d682e1e8d6a3a69e6e3655188f85e600a67e0451fa1ab87aa2533f2
fb520c848036333d8bd97875142a23434edbabe79ee649ee3aae014d9e470430