vannomroblox1.com Open in urlscan Pro
103.221.221.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vannomroblox1.com/
Submission Tags: phishingrod
Submission: On May 13 via api (May 13th 2023, 3:13:57 am UTC) from DE — Scanned from DE

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 73 HTTP transactions. The main IP is 103.221.221.61, located in Ho Chi Minh City, Viet Nam and belongs to AZDIGI-AS-VN AZDIGI Corporation, VN. The main domain is vannomroblox1.com.
TLS certificate: Issued by R3 on May 13th 2023. Valid for: 3 months.

This is the only time vannomroblox1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	103.221.221.61 103.221.221.61	63760 (AZDIGI-AS...) (AZDIGI-AS-VN AZDIGI Corporation)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4911	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.58.157 162.19.58.157	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
73	21

21 103.221.221.61 (Ho Chi Minh City, Viet Nam)

ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)

vannomroblox1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:325d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4911 (United States)

ASN13335 (CLOUDFLARENET, US)

static.nulled.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.157 (France)

ASN16276 (OVH, FR)
PTR: ns3096589.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	vannomroblox1.com vannomroblox1.com	2 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com	131 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	953 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50 jnn-pa.googleapis.com — Cisco Umbrella Rank: 233	35 KB
4	imgur.com i.imgur.com — Cisco Umbrella Rank: 5738	431 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 272	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	89 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 5378	114 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	9 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 930	102 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	47 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 12330	5 KB
1	nulled.to static.nulled.to	22 KB
73	17

	Domain	Requested by
21	vannomroblox1.com	vannomroblox1.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	www.youtube.com	vannomroblox1.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	i.imgur.com	vannomroblox1.com
4	fonts.googleapis.com	vannomroblox1.com
3	cdn.jsdelivr.net	vannomroblox1.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	vannomroblox1.com connect.facebook.net
2	cdn.datatables.net	vannomroblox1.com
2	cdnjs.cloudflare.com	vannomroblox1.com
2	unpkg.com	vannomroblox1.com unpkg.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.facebook.com	vannomroblox1.com
1	i.ibb.co	vannomroblox1.com
1	static.nulled.to	vannomroblox1.com
73	20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
vannomroblox1.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-19` - `2023-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
i.ibb.co R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://vannomroblox1.com/
Frame ID: 4CBA8AE9FE2FC812C4CE3BA4C2F9F56B
Requests: 50 HTTP requests in this frame

Frame: https://www.youtube.com/embed/AlKUT2mnkdw
Frame ID: 95888EA8FDC9307D890080CB276A77E7
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shop Bán Acc Uy Tín - Chất Lượng Hàng Đầu VN | vannomroblox.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

73
Requests

99 %
HTTPS

85 %
IPv6

17
Domains

20
Subdomains

21
IPs

4
Countries

3874 kB
Transfer

8659 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thanhmew.mmo/
Title: THANHMEW

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vannomroblox1.com/ 1 MB
1023 KB 737ms
189ms Document
text/html 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 13e45351fad327c907ffb74bde12ba43e1c5417b83285f196092921bdb95a59b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 03:13:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
509 B 137ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Goldman&display=swap

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3524aa4da3719b19369f9e2b940c26ab32291bad05e10d84775cac9e7cd9b027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:13:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 03:13:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 135ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

223d601e88c26b2ea17543a5b60c7dbfdf2c6bddd92614af40232e894f34b652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:13:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 03:13:26 GMT

GET
H2 200 style.css
vannomroblox1.com/template/theme/assets/frontend/css/ 75 KB
13 KB 355ms
351ms Stylesheet
text/css 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/css/style.css?v=1621615725
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 74a3618917464f013f372535184ef9ccf3a119aa6a20c4696b2770644ff81c45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sun, 07 May 2023 17:23:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13709
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 css.css
vannomroblox1.com/template/ 462 B
267 B 355ms
351ms Stylesheet
text/css 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/css.css
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8c85869906d27589ef9f4af9c7b4e50e7303835e929df4c0b03656f7b0441a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 234
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.0.7/css/ 62 KB
11 KB 55ms
19ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6352018
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FX0CS9WZ5S337N9BKFA0FBG3-fra
server: cloudflare
etag: W/"f703-kEpTqbib37RBQP2PIpppYa/VnfU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c67b9ba088b92c9-FRA

GET
H2 200 jquery-2.1.0.min.js Show response
vannomroblox1.com/template/theme/assets/frontend/plugins/jquery/ 82 KB
30 KB 355ms
351ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3f63164ff0f908bb4162cd5c58bd91e3e5e019a5b3b7caefe3733815b3656514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30389
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 bootstrap.min.js Show response
vannomroblox1.com/template/theme/assets/frontend/plugins/bootstrap/js/ 36 KB
10 KB 355ms
351ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/plugins/bootstrap/js/bootstrap.min.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 612553e6a88fa4e0196ef0c81f332c75ce887d471b1dd0abe2c3bd05ce861353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10272
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 lazyload.js Show response
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/ 6 KB
2 KB 49ms
7ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 May 2023 03:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 953227
x-jsd-version: 2.0.0-rc.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1734
x-served-by: cache-fra-eddf8230123-FRA
x-jsd-version-type: version
etag: W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.cookie.js Show response
vannomroblox1.com/template/theme/assets/frontend/plugins/jquery-cookie/ 2 KB
938 B 355ms
351ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/plugins/jquery-cookie/jquery.cookie.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: be000dd9f3dde05e61469d7846067b1c346fb9953024b70cbf8ab66fadfc57f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 905
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 js.cookie.js Show response
vannomroblox1.com/template/theme/assets/frontend/theme/assets/plugins/js-cookie/ 3 KB
1 KB 356ms
353ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/theme/assets/plugins/js-cookie/js.cookie.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ae1b952722e8297601f246c542205e30d25321b73153e0bd88f0a694e592f593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1159
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 bootstrap-datepicker.min.js Show response
vannomroblox1.com/template/theme/assets/frontend/theme/assets/plugins/bootstrap-datepicker/js/ 33 KB
10 KB 355ms
352ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/theme/assets/plugins/bootstrap-datepicker/js/bootstrap-datepicker.min.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e938ccaf6d664fa5663d08d918ef5be0c049b5794fa469c91ed9afee32399c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10447
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 rotate.js Show response
vannomroblox1.com/template/js/ 13 KB
3 KB 355ms
352ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/js/rotate.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b955b705ef904090085a1ca2739f4a2ebc579d52b37d9cde995af996732828aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 29 Apr 2023 11:01:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3167
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 kun.js Show response
vannomroblox1.com/template/theme/assets/frontend/js/ 4 KB
1 KB 355ms
352ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/js/kun.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 267d7e881bfe440ec22e504a58edd746fce25c67db57d14ee90f1075310f5940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1051
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 backtotop.js Show response
vannomroblox1.com/template/theme/assets/frontend/js/ 944 B
418 B 355ms
351ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/js/backtotop.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2944868ff972d8d744004100daa99513d864183764505363d42b9f504d9bfe7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 385
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 63 KB
19 KB 49ms
7ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f40b487eeb315e2d23e335dd4b14626459f4836d8e05d9533b805db1cdb3fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 May 2023 03:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11115
x-jsd-version: 11.7.5
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19188
x-served-by: cache-fra-eddf8230123-FRA
x-jsd-version-type: version
etag: W/"fa8a-LwUSIqInUzxgLZMa9S/Hhkn+Bok"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 64ms
21ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 373901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6dVSCDNc6su%2FimHEz8nerXYv5GetOXt8AiqB2cP5mK42x0IfdECJS8UXSnipm7utSAmuBRn9%2FeMB3Wr%2FZvmrllDM%2Bvx1med0R89vxJNkN4oVRsD2R3U1abjlssSxxnQwsKbWQR0nq5ryvtkfBVYEDej"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c67b9ba1d2739e5-FRA
expires: Thu, 02 May 2024 03:13:26 GMT

GET
H2 200 jquery.dataTables.css
cdn.datatables.net/1.10.24/css/ 16 KB
3 KB 59ms
15ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.24/css/jquery.dataTables.css

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57b0cece766a47beabbf2d2da5ae6d6b75e108aa5669555e38123bd9f1d701e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 20910940
content-length: 2369
last-modified: Sun, 11 Sep 2022 22:01:30 GMT
server: cloudflare
etag: "11410a3-3ec4-5e86debe4efd2-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c67b9ba19649b21-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 13 Sep 2023 02:37:45 GMT

GET
H2 200 jquery.dataTables.js Show response
cdn.datatables.net/1.10.24/js/ 440 KB
111 KB 59ms
16ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.24/js/jquery.dataTables.js

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67443c3e2b3a31a2d1039888e7e35979079e927a96d6c95ed3a947facc024d6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22642673
last-modified: Thu, 14 Jul 2022 08:23:58 GMT
server: cloudflare
etag: "11410c5-6df4f-5e3bf9f8d5a2f-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
cf-ray: 7c67b9ba19659b21-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 24 Aug 2023 01:35:32 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.2/dist/ 7 KB
3 KB 50ms
9ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.2/dist/lazyload.min.js

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

28762ea362d067f6cdfc31442f0255cbf2998d5f388672e6156378ca30f2514b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 May 2023 03:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 946444
x-jsd-version: 17.3.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2823
x-served-by: cache-fra-eddf8230123-FRA
x-jsd-version-type: version
etag: W/"1d93-ydxKWtG8r6eGCK9bRg4vRr22VFM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cute-alert.js Show response
vannomroblox1.com/template/cute-alert/ 4 KB
1 KB 355ms
352ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/cute-alert/cute-alert.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 09157ed9222cf4abc019f4bd7632e6883dc6f264a5969d4bc32f1e9bef98651d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1060
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 style.css
vannomroblox1.com/template/cute-alert/ 6 KB
1 KB 352ms
350ms Stylesheet
text/css 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/cute-alert/style.css
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cccef55ef7bf38bf8d0cf226e6e3c3bec27f9b1cc78476b6ace3d60bd93e84ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1280
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H2 200 style.css
vannomroblox1.com/ 12 KB
3 KB 353ms
351ms Stylesheet
text/css 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/style.css
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 38cdd8374f3dab605c85e9a5da2373f37bc5f535c1f994b4bebcbe945824bf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:26 GMT
content-encoding: br
last-modified: Tue, 09 May 2023 19:51:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2833
expires: Sat, 20 May 2023 03:13:26 GMT

GET
H3 200 logo_dark6Z9.png
vannomroblox1.com/assets/storage/theme/ 382 KB
382 KB 192ms
191ms Image
image/png 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vannomroblox1.com/assets/storage/theme/logo_dark6Z9.png
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: df08c2f30f0fcded1ddcccf039b78c4dae59391bb5848f4198e9f0d956a8d678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
last-modified: Sat, 15 Apr 2023 18:45:52 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 391093
expires: Sat, 20 May 2023 03:13:27 GMT

GET
H2 429 BkNBMKj.png
i.imgur.com/ 0
250 B 46ms
7ms Image
text/plain 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/BkNBMKj.png

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 13 May 2023 03:13:27 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1683947607.291434,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-eddf8230038-FRA

GET
H2 429 t5VHNAh.gif
i.imgur.com/ 0
61 B 46ms
7ms Image
text/plain 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/t5VHNAh.gif

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 13 May 2023 03:13:27 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1683947607.291429,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-eddf8230038-FRA

GET
H3 200 btnMuaNgay.png
vannomroblox1.com/assets/img/ 24 KB
24 KB 230ms
230ms Image
image/png 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vannomroblox1.com/assets/img/btnMuaNgay.png
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2fe3c96eda683527ebd3cacc729e5a0576ec8a454ecb0185a17f5f9e807f1c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
last-modified: Tue, 09 May 2023 18:42:01 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24381
expires: Sat, 20 May 2023 03:13:27 GMT

GET
H3 200 footer.js Show response
vannomroblox1.com/template/theme/assets/frontend/js/ 1 KB
579 B 184ms
183ms Script
application/javascript 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/template/theme/assets/frontend/js/footer.js
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fb28c76cb5f82cad6884749c775459e5511b6f210b79691e311f06b5d60c0536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 306
expires: Sat, 20 May 2023 03:13:27 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.6/ 10 KB
3 KB 22ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.6/clipboard.min.js

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 384989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2953
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-28d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB2aIUJaM%2FNNpMsvVY%2FVbN5ngJRHge8iua2wqWs1riNlmejaQ3G1%2BIVKFVU9EVha1Ge1t8PuU7ihaXmyqsXJ9HpWubg2iro2fJiUkN7CD1a9dy4Pl1rFjihrTocbpoSd1yFteBjpf%2F3%2BwCn4DosYp%2B4M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c67b9c0c99c39e5-FRA
expires: Thu, 02 May 2024 03:13:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 36ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8254315c0dc045a5352c3af44bc30bf208cee25fff5f77df3556039fa17c589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vannomroblox1.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 03:13:27 GMT
content-md5: 6qXSChy+HhjkdBQtNZbOPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: 1aJAQ69cpA8AlTuqXUQqMSgcSFJABXd43D/t0jC0NvfFZp8/qErb56AtVsgqTVTPHhuW1JlU/WWmraM926cWiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: b81f4027cc4b5605eafd924692f4d58b
cross-origin-opener-policy: same-origin-allow-popups
etag: "ecc10fa46c190eca74b79b0c2d5a0676"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 13 May 2023 03:25:38 GMT

GET
H3 200 icon-call.png
vannomroblox1.com/assets/img/ 952 B
995 B 231ms
231ms Image
image/png 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vannomroblox1.com/assets/img/icon-call.png
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6c3669b8e2c8d60c9eb6b00acf6b79c7fa2d976ed3cb7ead7f4de59fbfd52fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
last-modified: Fri, 22 Oct 2021 09:24:02 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 952
expires: Sat, 20 May 2023 03:13:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
880 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/template/cute-alert/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:02:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 03:13:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
571 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@800&display=swap

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/template/cute-alert/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5281a845613cc8c45c4b9b30bdbba014d15a0de647b3614d959a4efb0a7ef8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 03:13:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 03:13:27 GMT

GET
H2 200 AlKUT2mnkdw Show response
www.youtube.com/embed/ Frame 9588 76 KB
33 KB 209ms
105ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/AlKUT2mnkdw

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ed174896be1adfcfb1e6fe2d496e5eb93b919dd7040fffc70eb40752e281058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vannomroblox1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 03:13:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 MB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0051450681db3b95e46324faa4aaf2fe9288b8d6db121f35f90bae55d5418a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 backgroundNZQ.png
vannomroblox1.com/assets/storage/theme/ 815 KB
815 KB 287ms
286ms Image
image/png 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vannomroblox1.com/assets/storage/theme/backgroundNZQ.png
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3509f9908863ea87e9597f0d16dc6e78ede422c16c6feeb813fedf11bb3a205f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
last-modified: Tue, 02 May 2023 20:01:30 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 834435
expires: Sat, 20 May 2023 03:13:27 GMT

GET
H2 200 sparkling.gif
static.nulled.to/public/assets/ 22 KB
22 KB 59ms
16ms Image
image/gif 2606:4700:20::ac43:4911
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.nulled.to/public/assets/sparkling.gif

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4911 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d053beda954a4ecaef2c6aea4c68aa7a524d8c79056f68ec44c96636a1fe18f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36884
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22261
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Jun 2016 18:17:36 GMT
server: cloudflare
etag: "57570fc0-56f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6afbQfa4zQu9QItUQ4jOzyfi16Or7NWc9PH2LkVCBye3TVVuZZ3lH%2FC3I2f8%2B04IbXjjTxgbMOIXIXnClwf4Eh11rqXLI24Vx4qNE%2BKoKU5c9ToZ2MfqLyUfYUZW31o9EWVhs%2Bg6F2QaNZrYl2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7c67b9c22f0e5c20-FRA

GET
H2 200 animated-text-fill.png
i.ibb.co/RDTnNrT/ 5 KB
5 KB 157ms
18ms Image
image/png 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/RDTnNrT/animated-text-fill.png
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 69899b3221e58ef971887b231c932f3123ea9c051cbb64982642d68c58570d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
last-modified: Thu, 18 Mar 2021 22:11:08 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5032
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 146ms
48ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:47:46 GMT
x-content-type-options: nosniff
age: 552341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:47:46 GMT

GET
H2 200 boxicons.woff2
unpkg.com/boxicons@2.0.7/fonts/ 91 KB
91 KB 31ms
15ms Font
font/woff2 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/fonts/boxicons.woff2

Requested by

Host: unpkg.com
URL: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8724545
content-length: 93260
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GR5H6NQYQ9N7FC8AYZNA5B5J-fra
server: cloudflare
etag: "16c4c-pVld0x4LunUHF9iDN+x/LvuPssw"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c67b9c20ea33a73-FRA

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 135ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:01:51 GMT
x-content-type-options: nosniff
age: 533496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 23:01:51 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 5 KB
6 KB 189ms
94ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 14:38:14 GMT
x-content-type-options: nosniff
age: 563713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:11:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 14:38:14 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 11 KB
12 KB 175ms
81ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 08:15:15 GMT
x-content-type-options: nosniff
age: 586692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 08:15:15 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 6 KB
6 KB 177ms
91ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 18:10:43 GMT
x-content-type-options: nosniff
age: 550964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5696
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 18:10:43 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/cfa9e7cb/ Frame 9588 405 KB
48 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:24:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48645
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 May 2024 02:24:29 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/ Frame 9588 338 KB
95 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 22:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97217
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 May 2024 22:36:03 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/ Frame 9588 2 MB
733 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb5fefb8416c598f01847e5b53605cc6d3ffb3784067dba4185954a19ef2fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750263
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 May 2024 15:52:41 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/cfa9e7cb/fetch-polyfill.vflset/ Frame 9588 9 KB
3 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:35:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 May 2024 02:35:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 306 KB
87 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=109f151691d173f3304e44a69c659a85

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a399925d7da5b7db7c9dfe4eef63bb4325b754ebf2ef540394c92795f9dce7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vannomroblox1.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 03:13:27 GMT
content-md5: WyEZOemoC0UXq/05Q/9Irw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88758
x-fb-rlafr: 0
x-fb-debug: GPFWPlM20ZHKG5gS1N1JkFNV8oXjCULdoeOSylR9ipOKiTQtvob2TzZUuCV2bF0VA44dm62CwbPyF2Jf8ZTZkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 2ff444b91880be65e2a74fe35b628a8d
cross-origin-opener-policy: same-origin-allow-popups
etag: "2289d131d089cc78d5e9c339e613f505"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 12 May 2024 03:05:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9588 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 531892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9588 15 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 552342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:47:45 GMT

GET
H3 200 loaithe.php Show response
vannomroblox1.com/api/ 260 B
180 B 188ms
184ms XHR
text/html 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/api/loaithe.php
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 4f003217cd06d6754c2115c527e86589672b4284b51731350a9f38ed5e0c4d25

Request headers

Accept: */*
Referer: https://vannomroblox1.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-length: 123
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 menhgia.php Show response
vannomroblox1.com/api/ 468 B
122 B 217ms
214ms XHR
text/html 103.221.221.61
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to

Full URL: https://vannomroblox1.com/api/menhgia.php
Requested by: Host: vannomroblox1.com
URL: https://vannomroblox1.com/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.221.221.61 Ho Chi Minh City, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 2bbbed2725f41f69a200e46abefce03738265ef891ec0f942fa5c403586f8921

Request headers

Accept: */*
Referer: https://vannomroblox1.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:27 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-length: 104
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 429 fc70K0M.gif
i.imgur.com/ 0
60 B 18ms
17ms Image
text/plain 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fc70K0M.gif

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 13 May 2023 03:13:27 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1683947608.797281,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-eddf8230038-FRA

GET
H2 429 MdGX1zl.gif
i.imgur.com/ 0
60 B 20ms
19ms Image
text/plain 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MdGX1zl.gif

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 13 May 2023 03:13:27 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1683947608.797370,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-eddf8230038-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281459696201789&ev=fb_page_view&dl=https%3A%2F%2Fvannomroblox1.com%2F&rl=&if=false&ts=1683947607900&sw=1600&sh=1200&at=

Requested by

Host: vannomroblox1.com
URL: https://vannomroblox1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vannomroblox1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 May 2023 03:13:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 12 KB
12 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vannomroblox1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 19:40:45 GMT
x-content-type-options: nosniff
age: 113562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11816
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 May 2024 19:40:45 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9588
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

55ms
50ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7bfd36456feabd5ed1ecd50535b4b19518f93d56c0b4900060e4e9f3cab750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 May 2023 03:13:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9588 29 B
495 B 168ms
41ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:07:07 GMT
x-content-type-options: nosniff
age: 381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 May 2023 03:22:07 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 151ms
47ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 May 2023 03:13:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9588 68 KB
31 KB 57ms
55ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1038b5e24e2a71307f0d4fb6b87ea661f351c7d28343b2e761eca0c98e97bf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31819
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/ Frame 9588 116 KB
33 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad4781a7a8a0213ffbfda27884eb31924f8f55c52565c6440c2f517d8e32ddbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33682
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 May 2024 15:52:42 GMT

GET
H2 200 lnYuOV6CFLlQNBsFrKUp6iqofwcw6ChoCpHRG3e43aU.js Show response
www.google.com/js/th/ Frame 9588 37 KB
15 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/lnYuOV6CFLlQNBsFrKUp6iqofwcw6ChoCpHRG3e43aU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96762e395e8214b950341b05aca529ea2aa87f0730e828680a91d11b77b8dda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 05:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14590
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 May 2024 05:07:51 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/AlKUT2mnkdw/ Frame 9588 46 KB
47 KB 159ms
52ms Image
image/jpeg 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/AlKUT2mnkdw/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLCn6cydEWEtAXbbfkKMGhzM9zskqw

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b97f81d430c2df9187bc1ab44955e2a41169bc548acacb0c2349887dec0b469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47566
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 May 2023 05:13:28 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/ Frame 9588 29 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

642a400039a41170589c933fd106710a2100d06d2c0d5e8150d21a5d89f30ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 16:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8308
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 May 2024 16:37:42 GMT

GET
DATA 200
OK truncated
/ Frame 9588 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqO8H2809-NbqmOvYFrgQDzeD3UblsBK3Kwx2UhwaQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9588 4 KB
4 KB 336ms
213ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqO8H2809-NbqmOvYFrgQDzeD3UblsBK3Kwx2UhwaQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b4522f98ded1501cd057a10331cea3acb32975dfb49091ee129528664f7ef57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v3fbc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3763
x-xss-protection: 0
expires: Sun, 14 May 2023 03:13:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9588 12 KB
12 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 21:30:29 GMT
x-content-type-options: nosniff
age: 538979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 21:30:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9588 5 KB
5 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 18:04:22 GMT
x-content-type-options: nosniff
age: 551346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 18:04:22 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9588 90 B
134 B 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e53a7476cbe7818ecff02c098a9cf338701c44acc6ae525089af7fac24a8aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 May 2023 03:13:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9588 4 KB
2 KB 148ms
52ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 03:13:28 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9588 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?URi6Qg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/AlKUT2mnkdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:13:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/113/ Frame 9588 51 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 19:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 13 May 2023 19:32:10 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9588 28 B
54 B 56ms
54ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Goog-Request-Time: 1683947610896
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/AlKUT2mnkdw
X-YouTube-Client-Version: 1.20230509.02.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJSEs3MFpySjBTTSjXgPyiBg%3D%3D
X-YouTube-Ad-Signals: dt=1683947607808&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C768%2C350&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 13 May 2023 03:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 13 May 2023 03:13:30 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vannomroblox1.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9a363442ea101d5face9d123e92c0d24
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4RNpFsKRpJg
.youtube.com/	1970-01-20 16:04:59	Name: VISITOR_INFO1_LIVE Value: IHK70ZrJ0SM

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vannomroblox1.com/(Line 121) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://i.imgur.com/BkNBMKj.png Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/t5VHNAh.gif Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/fc70K0M.gif Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/MdGX1zl.gif Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.datatables.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ibb.co
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
static.nulled.to
unpkg.com
vannomroblox1.com
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
103.221.221.61
146.75.116.193
162.19.58.157
2606:4700:10::6816:325d
2606:4700:20::ac43:4911
2606:4700::6810:7daf
2606:4700::6811:190e
2a00:1450:4001:803::2006
2a00:1450:4001:806::2003
2a00:1450:4001:810::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2016
2a00:1450:4001:831::2002
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::485
09157ed9222cf4abc019f4bd7632e6883dc6f264a5969d4bc32f1e9bef98651d
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
1038b5e24e2a71307f0d4fb6b87ea661f351c7d28343b2e761eca0c98e97bf1f
13e45351fad327c907ffb74bde12ba43e1c5417b83285f196092921bdb95a59b
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
1b97f81d430c2df9187bc1ab44955e2a41169bc548acacb0c2349887dec0b469
1ed174896be1adfcfb1e6fe2d496e5eb93b919dd7040fffc70eb40752e281058
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba
223d601e88c26b2ea17543a5b60c7dbfdf2c6bddd92614af40232e894f34b652
267d7e881bfe440ec22e504a58edd746fce25c67db57d14ee90f1075310f5940
28762ea362d067f6cdfc31442f0255cbf2998d5f388672e6156378ca30f2514b
2944868ff972d8d744004100daa99513d864183764505363d42b9f504d9bfe7a
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2bbbed2725f41f69a200e46abefce03738265ef891ec0f942fa5c403586f8921
2fe3c96eda683527ebd3cacc729e5a0576ec8a454ecb0185a17f5f9e807f1c7a
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
3509f9908863ea87e9597f0d16dc6e78ede422c16c6feeb813fedf11bb3a205f
3524aa4da3719b19369f9e2b940c26ab32291bad05e10d84775cac9e7cd9b027
38cdd8374f3dab605c85e9a5da2373f37bc5f535c1f994b4bebcbe945824bf45
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f63164ff0f908bb4162cd5c58bd91e3e5e019a5b3b7caefe3733815b3656514
43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35
48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4eb5fefb8416c598f01847e5b53605cc6d3ffb3784067dba4185954a19ef2fe5
4f003217cd06d6754c2115c527e86589672b4284b51731350a9f38ed5e0c4d25
5281a845613cc8c45c4b9b30bdbba014d15a0de647b3614d959a4efb0a7ef8cb
57b0cece766a47beabbf2d2da5ae6d6b75e108aa5669555e38123bd9f1d701e8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
612553e6a88fa4e0196ef0c81f332c75ce887d471b1dd0abe2c3bd05ce861353
642a400039a41170589c933fd106710a2100d06d2c0d5e8150d21a5d89f30ce8
67443c3e2b3a31a2d1039888e7e35979079e927a96d6c95ed3a947facc024d6b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69899b3221e58ef971887b231c932f3123ea9c051cbb64982642d68c58570d11
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c3669b8e2c8d60c9eb6b00acf6b79c7fa2d976ed3cb7ead7f4de59fbfd52fba
74a3618917464f013f372535184ef9ccf3a119aa6a20c4696b2770644ff81c45
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e53a7476cbe7818ecff02c098a9cf338701c44acc6ae525089af7fac24a8aa4
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8c85869906d27589ef9f4af9c7b4e50e7303835e929df4c0b03656f7b0441a18
96762e395e8214b950341b05aca529ea2aa87f0730e828680a91d11b77b8dda5
a399925d7da5b7db7c9dfe4eef63bb4325b754ebf2ef540394c92795f9dce7d6
a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799
ad4781a7a8a0213ffbfda27884eb31924f8f55c52565c6440c2f517d8e32ddbf
ad7bfd36456feabd5ed1ecd50535b4b19518f93d56c0b4900060e4e9f3cab750
ae1b952722e8297601f246c542205e30d25321b73153e0bd88f0a694e592f593
b4522f98ded1501cd057a10331cea3acb32975dfb49091ee129528664f7ef57a
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
b955b705ef904090085a1ca2739f4a2ebc579d52b37d9cde995af996732828aa
be000dd9f3dde05e61469d7846067b1c346fb9953024b70cbf8ab66fadfc57f8
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
cccef55ef7bf38bf8d0cf226e6e3c3bec27f9b1cc78476b6ace3d60bd93e84ce
d053beda954a4ecaef2c6aea4c68aa7a524d8c79056f68ec44c96636a1fe18f5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
df08c2f30f0fcded1ddcccf039b78c4dae59391bb5848f4198e9f0d956a8d678
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e938ccaf6d664fa5663d08d918ef5be0c049b5794fa469c91ed9afee32399c51
eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0051450681db3b95e46324faa4aaf2fe9288b8d6db121f35f90bae55d5418a6
f40b487eeb315e2d23e335dd4b14626459f4836d8e05d9533b805db1cdb3fed6
f8254315c0dc045a5352c3af44bc30bf208cee25fff5f77df3556039fa17c589
fb28c76cb5f82cad6884749c775459e5511b6f210b79691e311f06b5d60c0536

vannomroblox1.com Open in urlscan Pro 103.221.221.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

85 %IPv6

17 Domains

20 Subdomains

21 IPs

4 Countries

3874 kBTransfer

8659 kBSize

3 Cookies

1 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vannomroblox1.com Open in urlscan Pro
103.221.221.61 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

85 %
IPv6

17
Domains

20
Subdomains

21
IPs

4
Countries

3874 kB
Transfer

8659 kB
Size

3
Cookies

73 HTTP transactions
2 data transactions