andresskbs76543.vidublog.com Open in urlscan Pro
2606:4700:3037::6815:36ed  Public Scan

URL: https://andresskbs76543.vidublog.com/
Submission: On November 17 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3037::6815:36ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is andresskbs76543.vidublog.com.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time andresskbs76543.vidublog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
5 172.217.18.3 15169 (GOOGLE)
2 172.67.169.129 13335 (CLOUDFLAR...)
18 5
Apex Domain
Subdomains
Transfer
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
6 vidublog.com
andresskbs76543.vidublog.com
cloud.vidublog.com
300 KB
5 gstatic.com
fonts.gstatic.com
103 KB
1 activosblog.com
activosblog.com — Cisco Umbrella Rank: 487450
675 B
18 4
Domain Requested by
6 fonts.googleapis.com cloud.vidublog.com
5 fonts.gstatic.com fonts.googleapis.com
5 cloud.vidublog.com andresskbs76543.vidublog.com
cloud.vidublog.com
1 activosblog.com cloud.vidublog.com
1 andresskbs76543.vidublog.com
18 5
Subject Issuer Validity Valid
vidublog.com
WE1
2024-11-11 -
2025-02-09
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
activosblog.com
WE1
2024-11-11 -
2025-02-09
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://andresskbs76543.vidublog.com/
Frame ID: ADE8E289FBA8A040AFA9BAB1DE29343A
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Kenapa Memilih Nagamas69 Sebagai Situs Slot Gacor Terpercaya? - homepage

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

408 kB
Transfer

772 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
andresskbs76543.vidublog.com/
9 KB
4 KB
Document
General
Full URL
https://andresskbs76543.vidublog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:36ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
a489e8a7f5a92913aab6997cb144f82fa6f9253be57ddd78a28d3837a7491d1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e401ebbd84cebb2-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 17 Nov 2024 13:38:15 GMT
expires
Mon, 27 Jul 2011 07:08:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9AYxaMHTprsoZKNR347445c%2BTCzvzE0Qpki2vnEI9rxWOG%2FWkAeRFwlnLVw3yV2fOVmGkHLHu7YhZY2qk4vUAo3n72QtiheG5PNm5m%2FG%2BO%2F8kiNHtu5C5ixDmKWX3iTHvWQkMUjlpEelZWkKtxNhd2bPezGJ26%2FVDpp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=49253&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3930&recv_bytes=2298&delivery_rate=81572&cwnd=60&unsent_bytes=0&cid=08424e1edd1aecda&ts=294&x=0"
x-powered-by
PHP/7.2.34
style.css
cloud.vidublog.com/blog/cdn/
415 KB
60 KB
Stylesheet
General
Full URL
https://cloud.vidublog.com/blog/cdn/style.css
Requested by
Host: andresskbs76543.vidublog.com
URL: https://andresskbs76543.vidublog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:36ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeef451500c970a3c1c7a91ae05d95845edbde1f335372952f645e6418528611

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://andresskbs76543.vidublog.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"5fb3ec95-67a98"
age
5317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dcDxGVcP6qBmP3tfHTg2bmAj%2BaXolh4wlUkHGlFuCnPTnOe5LD2f7KvA4w86wg8%2FfTWCawGjmhqOKcPkZDPEbZ9X3CPvMIDYvkVPOvZEK0v5tttZTMRvcirSS5Q7ViTkLvdMREPiownFqqxEl2l2u1E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e401ebdcd84ebb2-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=48757&sent=15&recv=16&lost=0&retrans=0&sent_bytes=7910&recv_bytes=2445&delivery_rate=160991&cwnd=62&unsent_bytes=0&cid=08424e1edd1aecda&ts=382&x=0"
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css
last-modified
Tue, 17 Nov 2020 15:30:29 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
1 KB
995 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Big+Shoulders+Stencil+Text:wght@800&display=swap
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22edebdac5134540ee9738099511e00aa1710844276029664e1a3d91fffd142b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 13:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 13:38:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
851 B
483 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Righteous&display=swap
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8997d29b8998b732bd020956635bf933e30283ab01fb1b4bb64ffc0f2b936256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 13:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 13:13:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
3 KB
637 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@500;600&display=swap
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e3dac930e5d121808329269a7aaf7bf320e679c33a79bd1f37e735c5502abcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 13:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 13:38:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
1 KB
558 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Questrial&display=swap
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60021c27be6c8375c33c2a6e892c664104724dfabe7d4e35a6f8a655cbdefb8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 13:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 12:43:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
3 KB
575 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500&display=swap
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9f16cf6312336ecf85ae43b0194df2e0c908f1a1b4d829bcc99c75215db2098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 13:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 13:38:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
2 KB
658 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Exo+2&display=swap
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d08659844eaa0e292b1200a99b7cd2510b40545b4a021aa66d1060f5adf052f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 13:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 13:24:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
img08.jpg
cloud.vidublog.com/blog/images/
117 KB
117 KB
Image
General
Full URL
https://cloud.vidublog.com/blog/images/img08.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:36ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a598c2d73a826ef9f2c05a4483273a1794e434da332123e3b14c7e2ad93cba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://andresskbs76543.vidublog.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"5fada7ac-1d227"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5i0DZN6fkL6bP6ZBYRye0%2FOZ4A4mn4WERDfDCaIzyJq70nIEI1n4uFMZ7J0e7QxOmxl3olMFVZMUjllymroD04xLBddUbILrQLUNWRnhJKAaTwCW3%2FgJstAUqGvV6qdxGyf3u5%2FteK6EhsuFlVZIQHo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e401ebf8a56ebb2-CDG
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=53176&sent=71&recv=46&lost=0&retrans=0&sent_bytes=70874&recv_bytes=2635&delivery_rate=1078327&cwnd=97&unsent_bytes=0&cid=08424e1edd1aecda&ts=871&x=0"
content-length
119335
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
image/jpeg
last-modified
Thu, 12 Nov 2020 21:22:52 GMT
vary
Accept-Encoding
server
cloudflare
foot_patrn.jpg
activosblog.com/blog/images/
0
675 B
Image
General
Full URL
https://activosblog.com/blog/images/foot_patrn.jpg
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloud.vidublog.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
167
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B95OUWBRsPqtapvrgueWYCKDwC62lcKub%2F%2FTRqE7rgH3phH3NFJudG%2BsuCzclBRj91%2FHjwQdUb9oiDS5DeXATSdMSlm7sh3RXSFu16LSkpPRhjRolBqF4D6k%2FZza9i0t7J0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e401ebfdb1337f7-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37327&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4105&recv_bytes=4316&delivery_rate=80690&cwnd=12000&unsent_bytes=0&cid=e3c040ef92b7651d&ts=59&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
server
cloudflare
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://fonts.googleapis.com/

Response headers

age
227909
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 22:19:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 22:19:46 GMT
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
38268
x-xss-protection
0
server
sffe
tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
fonts.gstatic.com/s/archivonarrow/v30/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/archivonarrow/v30/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
19b584eb9a102079d73c7747d7a300e5dcac31b87fe3bfe7dff40434026583d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://fonts.googleapis.com/

Response headers

age
338440
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:37:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:37:35 GMT
last-modified
Wed, 13 Sep 2023 23:27:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18752
x-xss-protection
0
server
sffe
1cXxaUPXBpj2rGoU7C9WiHGF.woff2
fonts.gstatic.com/s/righteous/v17/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/righteous/v17/1cXxaUPXBpj2rGoU7C9WiHGF.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Righteous&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://fonts.googleapis.com/

Response headers

age
268819
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 10:57:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:57:56 GMT
last-modified
Thu, 24 Aug 2023 20:51:36 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12608
x-xss-protection
0
server
sffe
7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2
fonts.gstatic.com/s/exo2/v24/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v24/7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
49c9cd329161f5c5feed3ae80a788199f2dce127c00828e027a61261cf602491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://fonts.googleapis.com/

Response headers

age
260423
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 13:17:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 13:17:52 GMT
last-modified
Wed, 06 Nov 2024 17:31:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16720
x-xss-protection
0
server
sffe
1fj11w.woff2
cloud.vidublog.com/blog/cdn/
57 KB
58 KB
Font
General
Full URL
https://cloud.vidublog.com/blog/cdn/1fj11w.woff2
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18badd302023c3a0e11fd12ab2c436725ad1f2f539bfd6e0a1005ad9a724edda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://cloud.vidublog.com/blog/cdn/style.css

Response headers

cf-cache-status
MISS
etag
"5f88b664-e4a0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snFFDZCK3oBP71mc4SsqCgRwBRrAQZyMs555JLLnDlQy7ljrONO1j2sl5SZQuaQvdV2PdRVmsQGfYgCemtI3nywliwSVTNWVO%2FCJGg%2BNWyT2wSvZhDmJMC8EuvEFQrZUZ2ZmhEw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=279700&sent=21&recv=11&lost=0&retrans=0&sent_bytes=16213&recv_bytes=4771&delivery_rate=91&cwnd=12000&unsent_bytes=0&cid=17162aa286393fb3&ts=885&x=1", cfExtPri, cfHdrFlush;dur=277
date
Sun, 17 Nov 2024 13:38:16 GMT
content-type
font/woff2
last-modified
Thu, 15 Oct 2020 20:51:48 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e401ec228fc25f3-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
58528
server
cloudflare
42om2k.woff2
cloud.vidublog.com/blog/cdn/
60 KB
61 KB
Font
General
Full URL
https://cloud.vidublog.com/blog/cdn/42om2k.woff2
Requested by
Host: cloud.vidublog.com
URL: https://cloud.vidublog.com/blog/cdn/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41363378e9fe2ebbc2f7460af182cbbd0531b969ca5fc66dfc23afc57a36ec70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://cloud.vidublog.com/blog/cdn/style.css

Response headers

cf-cache-status
MISS
etag
"5f88b664-f138"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDNP0U5n5hbNEqLWA8cQVINDQ2M6LdPaig1KwJShQNdBeKdAgFFJitwTAolIeeUSkWZ1mWf2hjqqbBK0inVDD0ccydCH6%2Ba93jvEyVBMuOR9nTWx9vwvaOLeJaUn2xVaoUhDUAI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=279700&sent=11&recv=11&lost=0&retrans=0&sent_bytes=4213&recv_bytes=4771&delivery_rate=91&cwnd=12000&unsent_bytes=0&cid=17162aa286393fb3&ts=881&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 13:38:16 GMT
content-type
font/woff2
last-modified
Thu, 15 Oct 2020 20:51:48 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e401ec2290025f3-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
61752
server
cloudflare
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Questrial&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://andresskbs76543.vidublog.com
Referer
https://fonts.googleapis.com/

Response headers

age
180630
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 11:27:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 11:27:45 GMT
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19292
x-xss-protection
0
server
sffe
favicon.ico
cloud.vidublog.com/
254 B
735 B
Other
General
Full URL
https://cloud.vidublog.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:36ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f98899d22ee8795e5ab076c21f9db7f9b8046750a3512b3519159e3c17ec388

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://andresskbs76543.vidublog.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"5fdf670c-fe"
age
4054
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nx3TIwd1QTMf1jKhKFpqFnevRX3HI2EY4BFa2OeilIfhiE7SUj7%2BSSYTDq9MgULZW7ipWplIjfKzS2pRNG17NJJ5B4voiQmmgLt6QLoS8Y7QZ98NUmzyPJ7P5Hcqt%2FmfgyJUuvBNkk19aTt5q7feA24%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e401ebf9a9bebb2-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=47778&sent=68&recv=44&lost=0&retrans=0&sent_bytes=70073&recv_bytes=2635&delivery_rate=1078327&cwnd=94&unsent_bytes=0&cid=08424e1edd1aecda&ts=667&x=0"
date
Sun, 17 Nov 2024 13:38:15 GMT
content-type
image/x-icon
last-modified
Sun, 20 Dec 2020 15:00:28 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://activosblog.com/blog/images/foot_patrn.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activosblog.com
andresskbs76543.vidublog.com
cloud.vidublog.com
fonts.googleapis.com
fonts.gstatic.com
172.217.18.3
172.67.169.129
188.114.97.3
2606:4700:3037::6815:36ed
2a00:1450:4001:809::200a
18badd302023c3a0e11fd12ab2c436725ad1f2f539bfd6e0a1005ad9a724edda
19b584eb9a102079d73c7747d7a300e5dcac31b87fe3bfe7dff40434026583d4
22edebdac5134540ee9738099511e00aa1710844276029664e1a3d91fffd142b
3e3dac930e5d121808329269a7aaf7bf320e679c33a79bd1f37e735c5502abcb
41363378e9fe2ebbc2f7460af182cbbd0531b969ca5fc66dfc23afc57a36ec70
49c9cd329161f5c5feed3ae80a788199f2dce127c00828e027a61261cf602491
4f98899d22ee8795e5ab076c21f9db7f9b8046750a3512b3519159e3c17ec388
60021c27be6c8375c33c2a6e892c664104724dfabe7d4e35a6f8a655cbdefb8f
8997d29b8998b732bd020956635bf933e30283ab01fb1b4bb64ffc0f2b936256
91a598c2d73a826ef9f2c05a4483273a1794e434da332123e3b14c7e2ad93cba
99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6
a489e8a7f5a92913aab6997cb144f82fa6f9253be57ddd78a28d3837a7491d1c
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
c9f16cf6312336ecf85ae43b0194df2e0c908f1a1b4d829bcc99c75215db2098
d08659844eaa0e292b1200a99b7cd2510b40545b4a021aa66d1060f5adf052f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeef451500c970a3c1c7a91ae05d95845edbde1f335372952f645e6418528611
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546