Submitted URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1...
Effective URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1...
Submission: On December 27 via manual from HK — Scanned from IT

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 192.227.108.110, located in United States and belongs to CLOUD-SOUTH, US. The main domain is marioxitd197530.dbblog.net.
TLS certificate: Issued by R3 on November 1st 2021. Valid for: 3 months.
This is the only time marioxitd197530.dbblog.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.227.108.110 13886 (CLOUD-SOUTH)
3 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 123.30.242.13 45899 (VNPT-AS-V...)
6 2a00:1450:400... 15169 (GOOGLE)
23 6
Domain Requested by
8 media.dbblog.net marioxitd197530.dbblog.net
6 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com marioxitd197530.dbblog.net
2 sohanews.sohacdn.com marioxitd197530.dbblog.net
2 fonts.googleapis.com marioxitd197530.dbblog.net
media.dbblog.net
1 dbblog.net media.dbblog.net
1 marioxitd197530.dbblog.net
23 7
Subject Issuer Validity Valid
dbblog.net
R3
2021-11-01 -
2022-01-30
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
sohanews.sohacdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-30 -
2022-09-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Frame ID: E3F888E5231EF6314D8D46743444C275
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

BLV Quang Tùng: "Chúng ta hòa Indonesia nhưng 1 tuần sau gặp lại có khi thắng three-0!"

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

921 kB
Transfer

1154 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
marioxitd197530.dbblog.net/37177427/
14 KB
14 KB
Document
General
Full URL
https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.227.108.110 , United States, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS
192.227.108.110.hosted.at.cloudsouth.com
Software
nginx / PHP/7.2.34
Resource Hash
928448192e042a943706d0e0299b8331abedc0c8e406a6c042ed981fca5ff47d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

Server
nginx
Date
Mon, 27 Dec 2021 19:16:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.34
Cache-Control
no-cache, must-revalidate
Expires
Mon, 27 Jul 2011 07:08:02 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1019799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzbBjFDKDW0v3yRHVp47FkB7vA57g0hJmhgYvebT%2F4sQVCmBM0Ew81%2F5jiTUwqTWquBearOM4XigF1qEh8RtCufHRnXTJUGyMVSM%2Fmu0evMN0HCKG0Nx1jeJLZvUQQVW4AKfwWwIH99Kemr5kqgEZFVy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c44e22b49690f72-MXP
expires
Sat, 17 Dec 2022 19:16:28 GMT
blog.js
media.dbblog.net/blog/
24 KB
8 KB
Script
General
Full URL
https://media.dbblog.net/blog/blog.js
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9e971173a22532cf7367900aa9e8a6f1d9d3309a9913976effd05080a4b4a7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 18:40:06 GMT
server
cloudflare
etag
W/"60bfb986-5f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjE%2FJcq5l4V2IjBUK%2F%2FO9iekCxYoBe7rbQPbwBwia6wKkZjSt3V3PDACcSLLYwbOa8%2FqPhqdkc%2F0mSEHqpjW8fQ0T2i9ZYL8zwFE2b%2Bkq4lWfdfELVqBSxhqbEXc1fqdHVkI5slFZJb%2F8yUPnKAZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c44e22b59890f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%2BSans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%7CMontserrat%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 19:15:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Dec 2021 19:16:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Dec 2021 19:16:28 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3531813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5324
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FxqKXpRH%2BIj%2F6oEayGzhX2eRsXeVX7u%2BRYJFbS4U5J7YKK23437xTuRpXlfzSjKHAeoXARHke6nCZxH47Dpc1MTR2zoQ4%2FPt1WQLNb7zMbMMwS6yUXIyTWD3D89IVywJzb%2FH9hbT6goKccAMePpK7Sl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c44e22b495e0f72-MXP
expires
Sat, 17 Dec 2022 19:16:28 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-alpha/css/
86 KB
14 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-alpha/css/bootstrap.min.css
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1875b64bb2190107bcf989322fdf4bc838f5cdd59748f386f8965a7c2b4a8927
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7867021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14396
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1591d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD%2FeIasLe8QOEQ4fLxmHq3vW2P1ogb8NT85EnBm44m0QEKG9mUlgtvz0CKAQ8yGJhb7rnxpsKN3uDvv0UQ%2F4HsB%2B2jP4CtcQljDDrbiQehCl5SFDm2PdTTw6rgXdnLeZHrQ8c9Bi4QzROGCimTnmWJgx"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c44e22b49650f72-MXP
expires
Sat, 17 Dec 2022 19:16:28 GMT
style.css
media.dbblog.net/blog/images/
81 KB
15 KB
Stylesheet
General
Full URL
https://media.dbblog.net/blog/images/style.css
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e59a5116187319e35c3774e4b76d1d428220181f4ac195d8a29508b0678b7a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Aug 2017 10:15:18 GMT
server
cloudflare
etag
W/"5992c9b6-145d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmmTu1qL%2FQDY7v1PB3XIM00BaKusacuNrg%2FtegiFaN0h7jP97HTCiN7wfAQD1QfrZmNLGEV9GPis1eDrbWyUn65nYpHtwz5C8VNDHEv7cBLlMZBJjKi60Evk0i3kB8aeV12OG8TdgMnKvQn14QQ%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c44e22b59860f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
photo1639637732214-1639637732317884690013.jpg
sohanews.sohacdn.com/thumb_w/1000/160588918557773824/2021/12/16/
83 KB
83 KB
Image
General
Full URL
https://sohanews.sohacdn.com/thumb_w/1000/160588918557773824/2021/12/16/photo1639637732214-1639637732317884690013.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
VCCloud CDN / 246.5d513fb014006916207594d420954dbf /
Resource Hash
e70be268bb99033ef07c7fabb48875d4925a50151d6d2e0b39dc6b252b46f8ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Dec 2021 07:05:47 GMT
server
VCCloud CDN / 246.5d513fb014006916207594d420954dbf
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
x-cache
HIT from VCCloud CDN
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length
84910
x-xss-protection
1; mode=block
-1639637610580159223254.jpg
sohanews.sohacdn.com/160588918557773824/2021/12/16/
313 KB
314 KB
Image
General
Full URL
https://sohanews.sohacdn.com/160588918557773824/2021/12/16/-1639637610580159223254.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
VCCloud CDN / 246.c28f997ce99d84b35f6eb870c12b2bbf /
Resource Hash
c70d7f77504e3aa1e41337c7265a939519cd5e35eebda41818137fb7a41ebb6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Dec 2021 08:56:00 GMT
server
VCCloud CDN / 246.c28f997ce99d84b35f6eb870c12b2bbf
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
x-cache
HIT from VCCloud CDN
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length
320632
x-xss-protection
1; mode=block
Jaleel-White.jpg
media.dbblog.net/blog/images/ads/small/
37 KB
37 KB
Image
General
Full URL
https://media.dbblog.net/blog/images/ads/small/Jaleel-White.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3574fd69f877a4fe2131a96854d9df1a1ffd174945d4acad7151fc51e60500d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jul 2017 13:41:16 GMT
server
cloudflare
etag
"59789bfc-9288"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PARYBTbPexmY7NOD3pfzUTalr2sPB5EaZt%2FEIrFMUPgO%2Bn5gLpZvlK3vOO0m%2FdchNaUwGtLC3IF0VTaSwZvLWEFWz2LX0512uM8ORCoKauvGIzsmi0tKDif1BK24H6t4ieCy6gOw5NAaCsxTaK53"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c44e22fa94a0f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37512
Suri-Cruise.jpg
media.dbblog.net/blog/images/ads/small/
37 KB
37 KB
Image
General
Full URL
https://media.dbblog.net/blog/images/ads/small/Suri-Cruise.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00126e188dd53b3c9b6ad7a893771d35bae10a5497da86b0a35f59a3c4d4bf66

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jul 2017 13:41:16 GMT
server
cloudflare
etag
"59789bfc-9350"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWadwizTSwmui39tR7yJzIVUZNAnXxBA1dYpjWZp49iA1cjCDwOhO7rwdoGHXSKlRkA8%2Fv9IaQO0f66NXt%2BmhryplAyeZBMUG63WFWHaSK%2BPrgDaldK6C6nfWnjWEYr%2F4GGQ05TYtMQeNP8hKThK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c44e22fa94e0f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37712
Kane-2.jpg
media.dbblog.net/blog/images/ads/small/
28 KB
29 KB
Image
General
Full URL
https://media.dbblog.net/blog/images/ads/small/Kane-2.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2095f41a894257f508560b6acbd83a31fc4ed8f0d7488829652ac3514d2b96fd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jul 2017 13:41:16 GMT
server
cloudflare
etag
"59789bfc-7140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyQpstvn4qFj7e6l3MEy101XWQaPnmepQ3s6ZxPlrXYk18Yt2E5e0pqtHRc9UoiCJzQFiwJhX5f1okc4NzeDQalxXY%2FwnZ3i%2F8b6LAt1GnzE9uj%2FYndKA6HBYbyAwUymVP7rtjVq%2BGS3UfKxHs6r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c44e22fa9500f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28992
terry-Farrell.jpg
media.dbblog.net/blog/images/ads/small/
32 KB
33 KB
Image
General
Full URL
https://media.dbblog.net/blog/images/ads/small/terry-Farrell.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381ab80d17862ae60ee2ae6ea09cf855340ff00b1a17a9c63b2d1ce082393217

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jul 2017 13:41:16 GMT
server
cloudflare
etag
"59789bfc-812c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtwhjrB6UC4WPMMqlLCa40nMH0W8h82II1bxZSdQKBvDawMqHYbhA9AStep6mCNC4OTZrYXFu52eatKmAhZ4jCplWfxRvgo21xfqmhENagaPrIol%2FS84BHrQNO4ajHU47HPGZlP5xn9Y24w0Fx16"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c44e22fa9520f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33068
stephen-Hawking.jpg
media.dbblog.net/blog/images/ads/small/
33 KB
33 KB
Image
General
Full URL
https://media.dbblog.net/blog/images/ads/small/stephen-Hawking.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b108a62857ebcf7991ad1625e5f17345eeffb8affc5d122bf78b8a3189a6e8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
cf-cache-status
MISS
last-modified
Wed, 26 Jul 2017 13:41:16 GMT
server
cloudflare
etag
"59789bfc-8267"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLdascYJdUsmOlDu1aU%2Bulbc6eBWzEjJ0iRShKofkETMCMmFlUxUkXtcua8gLyI8%2BVOm6OC%2FoRcHUjwaEJIqgLjU1Hybe9fbZ5ir%2FzbhcXLaPxuBW55MqgZwyyqGz4XzbTqVvPcqvffESHhIhZij"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c44e22fa9530f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33383
css
fonts.googleapis.com/
3 KB
658 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans|Halant
Requested by
Host: media.dbblog.net
URL: https://media.dbblog.net/blog/images/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b724fbb43ad07c6fa33159d09e17040fd6403223d7536ff2c77fba8ffacc52c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://media.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 19:16:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Dec 2021 19:16:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Dec 2021 19:16:28 GMT
img05.jpg
media.dbblog.net/blog/images/
154 KB
155 KB
Image
General
Full URL
https://media.dbblog.net/blog/images/img05.jpg
Requested by
Host: marioxitd197530.dbblog.net
URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae897aac9b7dcfd44b85ea062fedb3afdfd429f82c189589716d1ab11ec5a207

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://marioxitd197530.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
157668
last-modified
Thu, 10 Aug 2017 04:50:48 GMT
server
cloudflare
etag
"598be628-267e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6AK224bBG%2BH1oucRGCtTq6Fz%2BQAzTbibI6r0IAO8hL1oHp84dKwzgrM2HLlTbe%2F8NDqNgfhLQKwPN92lAb07XIiewPG7fStT2s5SqqpNH4hJiS2mMpznkfX9irHx%2BipLqAfw%2FtoLFwJGcvMPeIh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6c44e230ee6d375b-MXP
gplaypattern.png
dbblog.net/blog/images/
12 KB
12 KB
Image
General
Full URL
https://dbblog.net/blog/images/gplaypattern.png
Requested by
Host: media.dbblog.net
URL: https://media.dbblog.net/blog/images/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5985 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982d48c247caadbecbbbf4c1611243249f8127f97c3bfebd7e6044387d967967

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://media.dbblog.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 19:16:29 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Aug 2017 10:14:14 GMT
server
cloudflare
etag
"5992c976-2f0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqpKozpa1vYeLkcV5ZrIwF72qPuoICiHNBDu1kKJt7jDlPwFwLyBML30ILuBERCK%2BOvkYnbjbCxOL%2BLPMpYYWB8OOxeacRqfAHALrTELxL%2BEJnOq9BeOY7Y7omWft8JkmD4%2FcDggUCBn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c44e230fbf40f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12047
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans|Halant
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marioxitd197530.dbblog.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 18:15:22 GMT
x-content-type-options
nosniff
age
522067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22748
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 22:05:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 18:15:22 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%2BSans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%7CMontserrat%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marioxitd197530.dbblog.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 06:44:42 GMT
x-content-type-options
nosniff
age
304307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 06:44:42 GMT
u-4-0qaujRI2Pbsn2Nhn.woff2
fonts.gstatic.com/s/halant/v8/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/halant/v8/u-4-0qaujRI2Pbsn2Nhn.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans|Halant
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fab3bfd2981c654082c4cf7654de88ff3cfbc4972ee08ebf4113af438e7007f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marioxitd197530.dbblog.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:07:50 GMT
x-content-type-options
nosniff
age
461319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18668
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:41:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:07:50 GMT
u-4-0qaujRI2Pbsn1thnoy0.woff2
fonts.gstatic.com/s/halant/v8/
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/s/halant/v8/u-4-0qaujRI2Pbsn1thnoy0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans|Halant
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d789ee95bffebd0a4f99d8e0c41a4315488c918d4f1e3d63b00002da99f22b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marioxitd197530.dbblog.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 11:30:44 GMT
x-content-type-options
nosniff
age
287145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3684
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:29:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 11:30:44 GMT
va9E4kDNxMZdWfMOD5VvmYjLeTY.woff2
fonts.gstatic.com/s/firasans/v11/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5VvmYjLeTY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans|Halant
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836c53bcb811a0f8a48b140007bf6a466a01fba4d49ada2e6fdb4b00972e4c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marioxitd197530.dbblog.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:11:32 GMT
x-content-type-options
nosniff
age
547497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30532
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 22:05:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:11:32 GMT
va9E4kDNxMZdWfMOD5VvmIjLeTY.woff2
fonts.gstatic.com/s/firasans/v11/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5VvmIjLeTY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans|Halant
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c165e1b20939b703b8e5826d7e519737f31d4f4d3a86aca8ad5f405d8b1d5807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://marioxitd197530.dbblog.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:32:40 GMT
x-content-type-options
nosniff
age
427429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7436
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 22:05:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:32:40 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| _0xcbc0 function| _0x0cbc function| get_domain_name string| domain function| randomIntFromInterval function| get_random_numbers_unique function| getRandomArrayElements function| calculateAge function| show_ads_big_left function| show_ads_right number| index string| style_ads_right

0 Cookies

1 Console Messages

Source Level URL
Text
security warning URL: https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0
Message:
Mixed Content: The page at 'https://marioxitd197530.dbblog.net/37177427/blv-quang-t%C3%B9ng-ch%C3%BAng-ta-h%C3%B2a-indonesia-nh%C6%B0ng-1-tu%E1%BA%A7n-sau-g%E1%BA%B7p-l%E1%BA%A1i-c%C3%B3-khi-th%E1%BA%AFng-three-0' was loaded over HTTPS, but requested an insecure element 'http://dbblog.net/blog/images/gplaypattern.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dbblog.net
fonts.googleapis.com
fonts.gstatic.com
marioxitd197530.dbblog.net
media.dbblog.net
sohanews.sohacdn.com
123.30.242.13
192.227.108.110
2606:4700:3037::6815:5985
2606:4700::6810:135e
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2003
00126e188dd53b3c9b6ad7a893771d35bae10a5497da86b0a35f59a3c4d4bf66
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0836c53bcb811a0f8a48b140007bf6a466a01fba4d49ada2e6fdb4b00972e4c3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
1875b64bb2190107bcf989322fdf4bc838f5cdd59748f386f8965a7c2b4a8927
2095f41a894257f508560b6acbd83a31fc4ed8f0d7488829652ac3514d2b96fd
2fab3bfd2981c654082c4cf7654de88ff3cfbc4972ee08ebf4113af438e7007f
381ab80d17862ae60ee2ae6ea09cf855340ff00b1a17a9c63b2d1ce082393217
38b108a62857ebcf7991ad1625e5f17345eeffb8affc5d122bf78b8a3189a6e8
7d789ee95bffebd0a4f99d8e0c41a4315488c918d4f1e3d63b00002da99f22b9
928448192e042a943706d0e0299b8331abedc0c8e406a6c042ed981fca5ff47d
982d48c247caadbecbbbf4c1611243249f8127f97c3bfebd7e6044387d967967
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
ae897aac9b7dcfd44b85ea062fedb3afdfd429f82c189589716d1ab11ec5a207
b724fbb43ad07c6fa33159d09e17040fd6403223d7536ff2c77fba8ffacc52c5
c165e1b20939b703b8e5826d7e519737f31d4f4d3a86aca8ad5f405d8b1d5807
c3574fd69f877a4fe2131a96854d9df1a1ffd174945d4acad7151fc51e60500d
c70d7f77504e3aa1e41337c7265a939519cd5e35eebda41818137fb7a41ebb6a
df9e971173a22532cf7367900aa9e8a6f1d9d3309a9913976effd05080a4b4a7
e70be268bb99033ef07c7fabb48875d4925a50151d6d2e0b39dc6b252b46f8ff
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f3e59a5116187319e35c3774e4b76d1d428220181f4ac195d8a29508b0678b7a