urlscan.io logo urlscan.io
SecurityTrails logo

3kthanhdo.com Open in urlscan Pro
103.92.26.118  Public Scan

Go To Rescan Add Verdict Report
URL: http://3kthanhdo.com/
Submission: On May 26 via api from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 10 domains to perform 48 HTTP transactions. The main IP is 103.92.26.118, located in Viet Nam and belongs to TLSOFT-AS-VN 8 Floor, 96-98 Dao Duy Anh, Phu Nhuan, HCMC, VN. The main domain is 3kthanhdo.com.
This is the only time 3kthanhdo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.92.26.118 135915 (TLSOFT-AS...)
18 27.254.153.12 63940 (DRAGONHIS...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
48 11
1    103.92.26.118 (Viet Nam)

ASN135915 (TLSOFT-AS-VN 8 Floor, 96-98 Dao Duy Anh, Phu Nhuan, HCMC, VN)
3kthanhdo.com
18    27.254.153.12 (Thailand)

ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH)
3kingdoms.in.th
4    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
3    2606:4700:3038::681f:5a6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.upsieutoc.com
3    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
3    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
12    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
18 3kingdoms.in.th 3kthanhdo.com
12 fonts.gstatic.com 3kthanhdo.com
3 fonts.googleapis.com 3kthanhdo.com
3 cdnjs.cloudflare.com 3kthanhdo.com
3 maxcdn.bootstrapcdn.com 3kthanhdo.com
3 www.upsieutoc.com 3kthanhdo.com
2 connect.facebook.net 3kthanhdo.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 www.google-analytics.com 3kthanhdo.com
1 ajax.googleapis.com 3kthanhdo.com
1 3kthanhdo.com
48 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
3kingdoms.in.th
Let's Encrypt Authority X3		 2020-03-19 -
2020-06-17		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-02 -
2020-10-09		 9 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://3kthanhdo.com/
Frame ID: C2682BCE4CAE02963F5A1542D50EB323
Requests: 48 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df1bff63ae8625%26domain%3D3kthanhdo.com%26origin%3Dhttp%253A%252F%252F3kthanhdo.com%252Ff7a9a55f466ce4%26relation%3Dparent.parent&container_width=248&height=305&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fphuongduy747474%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=305
Frame ID: FE08AFB2F3E59A030ECC736E41328FEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /Win32|Win64/i
Overall confidence: 100%
Detected patterns
  • script /\/particles(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /mod_ssl(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
  • headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
  • headers server /mod_ssl(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

48
Requests

98 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

11
IPs

6
Countries

3711 kB
Transfer

4310 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • http://connect.facebook.net/en/sdk.js HTTP 307
  • https://connect.facebook.net/en/sdk.js
Request Chain 39
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
3kthanhdo.com/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://3kthanhdo.com/
Protocol
HTTP/1.1
Server
103.92.26.118 , Viet Nam, ASN135915 (TLSOFT-AS-VN 8 Floor, 96-98 Dao Duy Anh, Phu Nhuan, HCMC, VN),
Reverse DNS
Software
Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 /
Resource Hash
20b211dfdc1d4e89c69e8cd90c24711b20b254aa61a0bafb79c42c29faaca028

Request headers

Host
3kthanhdo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:35 GMT
Server
Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1
Last-Modified
Sat, 23 May 2020 10:44:08 GMT
ETag
"a00000002f3a7-274c-5a64e6ceb6934"
Accept-Ranges
bytes
Content-Length
10060
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
jane-studio.min.css
3kingdoms.in.th/iyara/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
6d8afc8d632c167a4f0fe684e1071c4baf177cc18e34f3380d3aab9706af4a02

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Feb 2019 08:23:04 GMT
Server
nginx
ETag
W/"5c5d3c68-3a27"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 00:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
754909
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 May 2021 00:54:45 GMT
particles.min.js
3kingdoms.in.th/iyara/assets/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/js/particles.min.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 May 2018 06:48:51 GMT
Server
nginx
ETag
W/"5aec0253-5b44"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
logo.png
3kingdoms.in.th/iyara/assets/img/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/logo.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
11bf7783b6b61938651a76323179e6d430be0d783651d88b31f97bbfd2b5b99e

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Thu, 03 May 2018 17:16:25 GMT
Server
nginx
ETag
"5aeb43e9-1bcc8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113864
btn-evn.png
3kingdoms.in.th/iyara/assets/img/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/btn-evn.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
638fc7d126b057f1caa95b3e1ebf15cf83fabba9960c169b415cc66e486f6f5e

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Fri, 08 Feb 2019 08:23:23 GMT
Server
nginx
ETag
"5c5d3c7b-fa3f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64063
193fef0177e9bd978.jpg
www.upsieutoc.com/images/2020/05/23/ 		559 KB
560 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upsieutoc.com/images/2020/05/23/193fef0177e9bd978.jpg
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d349fd6cfd608bef4d1ff3a4cd1dbeb42ed78060a9fb86e3d2d4b6c806d7de5a

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:38 GMT
cf-cache-status
MISS
last-modified
Sat, 23 May 2020 10:42:52 GMT
server
cloudflare
etag
"5ec8fe2c-8bafc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
59999a4b4b5bdfbf-FRA
content-length
572156
cf-request-id
02f3dec30a0000dfbfa8a29200000001
2baba57ad74c21f61.jpg
www.upsieutoc.com/images/2020/05/23/ 		603 KB
604 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upsieutoc.com/images/2020/05/23/2baba57ad74c21f61.jpg
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd357b2f57e60b26343f07e68c317b6e5c90c31751a68c6be9a6fe0c1d91735

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:37 GMT
cf-cache-status
MISS
last-modified
Sat, 23 May 2020 10:43:23 GMT
server
cloudflare
etag
"5ec8fe4b-96d9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
59999a4b4b60dfbf-FRA
content-length
617887
cf-request-id
02f3dec30a0000dfbfa8a2b200000001
310e2007454950025.jpg
www.upsieutoc.com/images/2020/05/23/ 		778 KB
780 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.upsieutoc.com/images/2020/05/23/310e2007454950025.jpg
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4093e30d564fa3b4662bd1b1f784e5bd51590529936521718696696f06c8a1b3

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:37 GMT
cf-cache-status
MISS
last-modified
Sat, 23 May 2020 10:43:44 GMT
server
cloudflare
etag
"5ec8fe60-c29a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
59999a4b4b5ddfbf-FRA
content-length
797088
cf-request-id
02f3dec30a0000dfbfa8a2a200000001
post_202005190125382.jpg
3kingdoms.in.th/iyara/upload/product/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/upload/product/post_202005190125382.jpg
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
f16b3e37c86c817c9c7ab4015ffb0d5591208f7265b98bb2c851a426f89c89db

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Mon, 18 May 2020 18:25:39 GMT
Server
nginx
ETag
"5ec2d323-b1e3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45539
janestudio.js
3kingdoms.in.th/iyara/assets/js/ 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/js/janestudio.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
ef72e95c26175b7afbf41b4d18a4c9a55926e7692203824d55f54892eb4cd2e5

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 May 2018 07:51:41 GMT
Server
nginx
ETag
W/"5aec110d-57d"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
script.js
3kingdoms.in.th/iyara/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/js/script.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
eb5fcd1f7fd25f00cb344fc0d8ecf13cb806fac225532b187f81a4bb406c11ae

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 May 2018 06:51:01 GMT
Server
nginx
ETag
W/"5aec02d5-b15"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
jquery.superslides.min.js
cdnjs.cloudflare.com/ajax/libs/superslides/0.6.2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/superslides/0.6.2/jquery.superslides.min.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049e73b655d259ce96399e5531508982d2a89830553ecb5ab4e180782983219f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2816673
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02f3dec2c50000c2810c3da200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:41 GMT
server
cloudflare
etag
W/"5afd4a95-1e6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59999a4add11c281-FRA
expires
Sun, 16 May 2021 18:36:36 GMT
jquery.timeago.js
3kingdoms.in.th/iyara/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/js/jquery.timeago.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
0f9fb5f575732292d80d624050e21206337ae9b291cf6a19e8d3484b5b1c15ea

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 31 Mar 2018 06:36:46 GMT
Server
nginx
ETag
W/"5abf2c7e-1bdb"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83aea4c90fe90bb96a3133a250a36a6ad78fa6fd00f5c3583deb1d62d49794e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 May 2020 18:36:36 GMT
server
ESF
date
Tue, 26 May 2020 18:36:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 May 2020 18:36:36 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07e488fc7ca98a10872edeac01b7baffc4ee033ba9dda67d1de361df52af331b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 May 2020 18:36:36 GMT
server
ESF
date
Tue, 26 May 2020 18:36:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 May 2020 18:36:36 GMT
css
fonts.googleapis.com/ 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kanit:300,400,500
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd440a74c313494d95f2103cafd5a775b3969552cbf17ea4f0fef678a6aab101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 May 2020 18:36:36 GMT
server
ESF
date
Tue, 26 May 2020 18:36:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 May 2020 18:36:36 GMT
bootstrap.css
3kingdoms.in.th/iyara/assets/css/ 		129 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/css/bootstrap.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
0d3e0cfbb7ece969988a19fd3e55c590134a99965b8314f85d8aa4c32c9b7a4b

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 May 2018 18:01:35 GMT
Server
nginx
ETag
W/"5aec9fff-20256"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
hover.css
cdnjs.cloudflare.com/ajax/libs/hover.css/2.1.0/css/ 		115 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/hover.css/2.1.0/css/hover.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0692ae4b8f823e3fb4360a7b0022be181d78f0a4d218f7aac6b41027b10b2114
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
999025
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02f3debf380000c2810c3a1200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:42 GMT
server
cloudflare
etag
W/"5afd496a-1ccb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59999a452f39c281-FRA
expires
Sun, 16 May 2021 18:36:36 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 18:36:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
9454719
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02f3debf380000c2810c3a2200000001
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:36 GMT
server
cloudflare
etag
W/"5afd4838-ce35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59999a452f3ec281-FRA
expires
Sun, 16 May 2021 18:36:36 GMT
superslides.min.css
3kingdoms.in.th/iyara/assets/css/ 		1000 B
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3kingdoms.in.th/iyara/assets/css/superslides.min.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
bdb4d9d66f822b4cefb654a4a3f225bd9e3e95d7de49980cee517107b56eeccc

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 May 2018 17:31:40 GMT
Server
nginx
ETag
"3e8-56b64b15b3700-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
537
sdk.js
connect.facebook.net/en/
Redirect Chain
  • http://connect.facebook.net/en/sdk.js
  • https://connect.facebook.net/en/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en/sdk.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
974f7c0b70d18eac5ea6c1850173703c4d8afb7ffe95d3355027b5123c9816b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+vocz6SYGDChpJBCzwzu6Q==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
1781
etag
"5e377aab49e2a416cf3943f66ee1dbb3"
x-fb-debug
+wLajvy+p1ePm9DuU12dZ7EtlT/4sb0TdehZTqSAJt9WuJ72oFMzNaW90TeGce+TzepPNkLAgChJTe4Lki2M0Q==
x-fb-trip-id
664085054
x-fb-content-md5
404f0a4111d18d0e858d4d81bc5539e3
x-frame-options
DENY
date
Tue, 26 May 2020 18:36:37 GMT, Tue, 26 May 2020 18:36:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 May 2020 18:45:16 GMT

Redirect headers

Location
https://connect.facebook.net/en/sdk.js#xfbml=1&version=v2.11
Non-Authoritative-Reason
HSTS
bg.jpg
3kingdoms.in.th/iyara/assets/img/ 		684 KB
684 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/bg.jpg
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
7a738332e60221ec7509dfd300425408decbd46dd04d4f3398cde15743044bb3

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Thu, 03 May 2018 20:36:47 GMT
Server
nginx
ETag
"5aeb72df-aae02"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
699906
jane-studio.min.css
3kingdoms.in.th/iyara/assets/css/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Feb 2019 08:23:04 GMT
Server
nginx
ETag
W/"5c5d3c68-3a27"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
blackbg_09.png
3kingdoms.in.th/iyara/assets/img/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/blackbg_09.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
9389ef0204905115fc345eacc1e2fae418045eb7d71772408d1a00f7945355ec

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Tue, 13 Mar 2018 10:08:26 GMT
Server
nginx
ETag
"5aa7a31a-19b96"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105366
spector.png
3kingdoms.in.th/iyara/assets/img/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/spector.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
4c893cc99d8d2d270eb74956113337d0570b61bd79489f27d4bb42110ff3785d

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Thu, 03 May 2018 16:57:43 GMT
Server
nginx
ETag
"5aeb3f87-3991a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
235802
quickLinksleftImg.png
3kingdoms.in.th/iyara/assets/img/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/quickLinksleftImg.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
e1c7c77efa1136b09f49bd993f1c33a06bebde8116fe626b98c13ea72507e5cb

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Fri, 04 May 2018 07:35:36 GMT
Server
nginx
ETag
"5aec0d48-a0ce"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41166
btn-updatesv.png
3kingdoms.in.th/iyara/assets/img/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/btn-updatesv.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
ad3168cc21e49ca7dc45fe07240156c5a1f423d5cb1e5c94a80a32d9484dba12

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:40 GMT
Last-Modified
Fri, 04 May 2018 10:26:04 GMT
Server
nginx
ETag
"5aec353c-cb8e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52110
bg-marquee.png
3kingdoms.in.th/iyara/assets/img/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/bg-marquee.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
e856eec31cce8c9198bf8305941d17da1657aa2ad472116b88d546ba83f97b30

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:38 GMT
Last-Modified
Fri, 04 May 2018 11:19:56 GMT
Server
nginx
ETag
"5aec41dc-4d88"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19848
footer_logo.png
3kingdoms.in.th/iyara/assets/img/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3kingdoms.in.th/iyara/assets/img/footer_logo.png
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.254.153.12 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software
nginx /
Resource Hash
36b8a6ac87ef56ac467a327fb027ef1de2ba4b96635ba87c1465a7c6b11b8266

Request headers

Referer
https://3kingdoms.in.th/iyara/assets/css/jane-studio.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 18:36:39 GMT
Last-Modified
Fri, 04 May 2018 09:17:00 GMT
Server
nginx
ETag
"5aec250c-cc6b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52331
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Wed, 20 May 2020 05:40:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:14 GMT
server
sffe
age
564963
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7960
x-xss-protection
0
expires
Thu, 20 May 2021 05:40:33 GMT
pxiByp8kv8JHgFVrLDz8Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v9/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1JlFd2JQEl8qw.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
342cc36507262aa83a2171825250a3c6b65a3c4b5f167ebfd398d35672b190b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Tue, 19 May 2020 02:21:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:17 GMT
server
sffe
age
663293
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5248
x-xss-protection
0
expires
Wed, 19 May 2021 02:21:43 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Fri, 22 May 2020 18:25:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:10 GMT
server
sffe
age
346270
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Sat, 22 May 2021 18:25:26 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24ab5427bc8200b32e36656be5d10a4698cd2f5b2f0f49336b8b2cbb50053ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Wed, 20 May 2020 07:24:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:18 GMT
server
sffe
age
558746
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7944
x-xss-protection
0
expires
Thu, 20 May 2021 07:24:10 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://3kthanhdo.com

Response headers

date
Tue, 26 May 2020 18:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Sun, 17 May 2020 09:40:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:13 GMT
server
sffe
age
809795
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7836
x-xss-protection
0
expires
Mon, 17 May 2021 09:40:01 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Tue, 19 May 2020 04:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:04 GMT
server
sffe
age
656931
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7968
x-xss-protection
0
expires
Wed, 19 May 2021 04:07:45 GMT
pxiByp8kv8JHgFVrLGT9Z1JlFd2JQEl8qw.woff2
fonts.gstatic.com/s/poppins/v9/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1JlFd2JQEl8qw.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c084a5c5e560bb4f34abe575e4b51a5cbd80aa66654f8bcb002188907bf1ae1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
http://3kthanhdo.com

Response headers

date
Sun, 17 May 2020 09:32:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:15 GMT
server
sffe
age
810263
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5240
x-xss-protection
0
expires
Mon, 17 May 2021 09:32:13 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://3kthanhdo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
7082
date
Tue, 26 May 2020 16:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 26 May 2020 18:38:35 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
nKKU-Go6G5tXcr4-ORWpVaFrNlJzIu4.woff2
fonts.gstatic.com/s/kanit/v5/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v5/nKKU-Go6G5tXcr4-ORWpVaFrNlJzIu4.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
373094768feb7c18edee893a43c31edad0de3755b4d39928cdf861d2baf0a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kanit:300,400,500
Origin
http://3kthanhdo.com

Response headers

date
Wed, 20 May 2020 10:58:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:59:21 GMT
server
sffe
age
545900
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9212
x-xss-protection
0
expires
Thu, 20 May 2021 10:58:17 GMT
nKKU-Go6G5tXcr5mOBWpVaFrNlJzIu4.woff2
fonts.gstatic.com/s/kanit/v5/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v5/nKKU-Go6G5tXcr5mOBWpVaFrNlJzIu4.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a44c5212ec835598056026a0308b1f70e9a99bf48c4aef0b2f9a12c8ef1925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kanit:300,400,500
Origin
http://3kthanhdo.com

Response headers

date
Tue, 19 May 2020 04:07:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:57:27 GMT
server
sffe
age
656921
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9116
x-xss-protection
0
expires
Wed, 19 May 2021 04:07:56 GMT
nKKU-Go6G5tXcr4-ORWoVaFrNlJzIu4.woff2
fonts.gstatic.com/s/kanit/v5/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v5/nKKU-Go6G5tXcr4-ORWoVaFrNlJzIu4.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a37df5a58e02444dd6f0d712fa9ecbd0c3b3869b5b81cc59bbdb294f6e49936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kanit:300,400,500
Origin
http://3kthanhdo.com

Response headers

date
Wed, 20 May 2020 17:23:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:59:22 GMT
server
sffe
age
522791
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3664
x-xss-protection
0
expires
Thu, 20 May 2021 17:23:26 GMT
nKKU-Go6G5tXcr5mOBWoVaFrNlJzIu4.woff2
fonts.gstatic.com/s/kanit/v5/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v5/nKKU-Go6G5tXcr5mOBWoVaFrNlJzIu4.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e795623db9bde4aafcba705da958a6a6271c4ad50133e28f573568f8e445dd14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kanit:300,400,500
Origin
http://3kthanhdo.com

Response headers

date
Sat, 16 May 2020 16:37:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:57:26 GMT
server
sffe
age
871156
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3488
x-xss-protection
0
expires
Sun, 16 May 2021 16:37:21 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1b30459a7c0549a92c8071755e6a3335&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42727745b264da0c28c4d56b7f67f3d7296cbaec93c462a41644b887a713302d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://3kthanhdo.com/
Origin
http://3kthanhdo.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0uGIgpbbR9GzF2rWzzv6vw==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
60902
etag
"506908713e0c8d858e1473cfec760711"
x-fb-debug
OipfVunILG4Xde2jSPAzSAhu8GYQ35c9hsIwGFvN5kDgfe9ngshwcISRT2Gin/J3OuDLDDPnW9s0zjzk1xvdtQ==
x-fb-trip-id
664085054
x-fb-content-md5
926a66615a9ae5809c70f5ef06dfc264
x-frame-options
DENY
date
Tue, 26 May 2020 18:36:37 GMT, Tue, 26 May 2020 18:36:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 26 May 2021 17:56:20 GMT
page.php
www.facebook.com/v2.11/plugins/ Frame FE08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.11/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df1bff63ae8625%26domain%3D3kthanhdo.com%26origin%3Dhttp%253A%252F%252F3kthanhdo.com%252Ff7a9a55f466ce4%26relation%3Dparent.parent&container_width=248&height=305&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fphuongduy747474%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=305
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1b30459a7c0549a92c8071755e6a3335&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.11/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df1bff63ae8625%26domain%3D3kthanhdo.com%26origin%3Dhttp%253A%252F%252F3kthanhdo.com%252Ff7a9a55f466ce4%26relation%3Dparent.parent&container_width=248&height=305&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fphuongduy747474%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=305
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3kthanhdo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://3kthanhdo.com/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.0
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
ScCFedv+BIQfVt5IdawIAozYMmOc2Q89tJ6lBoKxWb4Dc2c8VG3/qZ1xPayxKtPEru4FGLf3e5uvNGW7udYmxw==
date
Tue, 26 May 2020 18:36:37 GMT Tue, 26 May 2020 18:36:37 GMT
alt-svc
h3-27=":443"; ma=3600
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
nKKU-Go6G5tXcr4-ORWzVaFrNlJzIu4.woff2
fonts.gstatic.com/s/kanit/v5/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v5/nKKU-Go6G5tXcr4-ORWzVaFrNlJzIu4.woff2
Requested by
Host: 3kthanhdo.com
URL: http://3kthanhdo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70d9738805ac4cd90648d80b6c09275ff54e69a9cce8667a7701a4392b4fce4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Kanit:300,400,500
Origin
http://3kthanhdo.com

Response headers

date
Wed, 20 May 2020 02:33:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:59:17 GMT
server
sffe
age
576159
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6548
x-xss-protection
0
expires
Thu, 20 May 2021 02:33:58 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3kingdoms.in.th
3kthanhdo.com
ajax.googleapis.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
www.facebook.com
www.google-analytics.com
www.upsieutoc.com
103.92.26.118
2001:4de0:ac19::1:b:3a
2606:4700:3038::681f:5a6
2606:4700::6810:85e5
27.254.153.12
2a00:1450:4001:801::200e
2a00:1450:4001:809::2003
2a00:1450:4001:815::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
049e73b655d259ce96399e5531508982d2a89830553ecb5ab4e180782983219f
0692ae4b8f823e3fb4360a7b0022be181d78f0a4d218f7aac6b41027b10b2114
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
07e488fc7ca98a10872edeac01b7baffc4ee033ba9dda67d1de361df52af331b
0d3e0cfbb7ece969988a19fd3e55c590134a99965b8314f85d8aa4c32c9b7a4b
0f9fb5f575732292d80d624050e21206337ae9b291cf6a19e8d3484b5b1c15ea
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
11bf7783b6b61938651a76323179e6d430be0d783651d88b31f97bbfd2b5b99e
1a37df5a58e02444dd6f0d712fa9ecbd0c3b3869b5b81cc59bbdb294f6e49936
20b211dfdc1d4e89c69e8cd90c24711b20b254aa61a0bafb79c42c29faaca028
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
342cc36507262aa83a2171825250a3c6b65a3c4b5f167ebfd398d35672b190b0
36b8a6ac87ef56ac467a327fb027ef1de2ba4b96635ba87c1465a7c6b11b8266
373094768feb7c18edee893a43c31edad0de3755b4d39928cdf861d2baf0a966
3bd357b2f57e60b26343f07e68c317b6e5c90c31751a68c6be9a6fe0c1d91735
4093e30d564fa3b4662bd1b1f784e5bd51590529936521718696696f06c8a1b3
42727745b264da0c28c4d56b7f67f3d7296cbaec93c462a41644b887a713302d
4c893cc99d8d2d270eb74956113337d0570b61bd79489f27d4bb42110ff3785d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
638fc7d126b057f1caa95b3e1ebf15cf83fabba9960c169b415cc66e486f6f5e
6d8afc8d632c167a4f0fe684e1071c4baf177cc18e34f3380d3aab9706af4a02
70d9738805ac4cd90648d80b6c09275ff54e69a9cce8667a7701a4392b4fce4f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a738332e60221ec7509dfd300425408decbd46dd04d4f3398cde15743044bb3
83aea4c90fe90bb96a3133a250a36a6ad78fa6fd00f5c3583deb1d62d49794e3
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9389ef0204905115fc345eacc1e2fae418045eb7d71772408d1a00f7945355ec
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
974f7c0b70d18eac5ea6c1850173703c4d8afb7ffe95d3355027b5123c9816b8
a24ab5427bc8200b32e36656be5d10a4698cd2f5b2f0f49336b8b2cbb50053ea
ad3168cc21e49ca7dc45fe07240156c5a1f423d5cb1e5c94a80a32d9484dba12
bdb4d9d66f822b4cefb654a4a3f225bd9e3e95d7de49980cee517107b56eeccc
c084a5c5e560bb4f34abe575e4b51a5cbd80aa66654f8bcb002188907bf1ae1b
cd440a74c313494d95f2103cafd5a775b3969552cbf17ea4f0fef678a6aab101
d349fd6cfd608bef4d1ff3a4cd1dbeb42ed78060a9fb86e3d2d4b6c806d7de5a
d7a44c5212ec835598056026a0308b1f70e9a99bf48c4aef0b2f9a12c8ef1925
e1c7c77efa1136b09f49bd993f1c33a06bebde8116fe626b98c13ea72507e5cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e795623db9bde4aafcba705da958a6a6271c4ad50133e28f573568f8e445dd14
e856eec31cce8c9198bf8305941d17da1657aa2ad472116b88d546ba83f97b30
eb5fcd1f7fd25f00cb344fc0d8ecf13cb806fac225532b187f81a4bb406c11ae
ef72e95c26175b7afbf41b4d18a4c9a55926e7692203824d55f54892eb4cd2e5
f16b3e37c86c817c9c7ab4015ffb0d5591208f7265b98bb2c851a426f89c89db
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6