mail.trungtamroblox.com Open in urlscan Pro
103.200.23.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.trungtamroblox.com/
Submission Tags: phishingrod
Submission: On October 07 via api (October 7th 2023, 10:07:36 pm UTC) from DE — Scanned from DE

Summary HTTP 74 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 74 HTTP transactions. The main IP is 103.200.23.160, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is mail.trungtamroblox.com.
TLS certificate: Issued by R3 on October 7th 2023. Valid for: 3 months.

This is the only time mail.trungtamroblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	103.200.23.160 103.200.23.160	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
5	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:e8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	42.112.30.39 42.112.30.39	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:e9c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
74	21

18 103.200.23.160 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: host160.vietnix.vn

mail.trungtamroblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:e8b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.193 (United States) 1 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.112.30.39 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)
PTR: 3039.hostingviet.vn

hanoimobile.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

demonstore.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9c6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.upanh.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	trungtamroblox.com mail.trungtamroblox.com	524 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	131 KB
9	youtube.com 1 redirects youtube.com — Cisco Umbrella Rank: 66 www.youtube.com — Cisco Umbrella Rank: 85	1020 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	35 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	192 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	24 KB
3	unpkg.com unpkg.com — Cisco Umbrella Rank: 1102	107 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	93 KB
2	imgur.com 1 redirects imgur.com — Cisco Umbrella Rank: 5397 i.imgur.com — Cisco Umbrella Rank: 7529	66 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 5484	114 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	99 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	upanh.tv img.upanh.tv — Cisco Umbrella Rank: 405700	4 MB
1	demonstore.shop demonstore.shop
1	hanoimobile.vn hanoimobile.vn	9 KB
0	facebook.com Failed www.facebook.com Failed
74	18

	Domain	Requested by
18	mail.trungtamroblox.com	mail.trungtamroblox.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	www.youtube.com	mail.trungtamroblox.com www.youtube.com
6	cdnjs.cloudflare.com	mail.trungtamroblox.com cdnjs.cloudflare.com
5	fonts.googleapis.com	mail.trungtamroblox.com
4	jnn-pa.googleapis.com	www.youtube.com
3	cdn.jsdelivr.net	mail.trungtamroblox.com
3	unpkg.com	mail.trungtamroblox.com unpkg.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	mail.trungtamroblox.com
2	cdn.datatables.net	mail.trungtamroblox.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	img.upanh.tv	mail.trungtamroblox.com
1	demonstore.shop	mail.trungtamroblox.com
1	youtube.com	1 redirects
1	hanoimobile.vn	mail.trungtamroblox.com
1	i.imgur.com	mail.trungtamroblox.com
1	imgur.com	1 redirects
0	www.facebook.com Failed	connect.facebook.net
74	23

This site contains links to these domains. Also see Links.

Domain
zalo.me
discord.gg
trungtamroblox.com
shophct247.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
webdisk.trungtamroblox.com R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
hanoimobile.vn R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
demonstore.shop GTS CA 1P5	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mail.trungtamroblox.com/
Frame ID: 6AE328B56BBFA2E9F87C5DBCBA9D6074
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xIASkC83N0E
Frame ID: E16E5F2F53D4AC14D18CCF92F4A23828
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HOME | TRUNGTAMROBLOX

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

74
Requests

95 %
HTTPS

82 %
IPv6

18
Domains

23
Subdomains

21
IPs

3
Countries

6797 kB
Transfer

10520 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://zalo.me/g/zsgobk415
Title: ZALO GIAO LƯU HỖ TRỢ & CẬP NHẬT THÔNG BÁO: Tại đây

Search URL Search Domain Scan URL

URL: https://discord.gg/ZBQ26fwbZn
Title: DISCORD HỖ TRỢ & GIAO LƯU: Tại đây

Search URL Search Domain Scan URL

URL: https://trungtamroblox.com/Robux120h-tkmk/8

Search URL Search Domain Scan URL

URL: https://trungtamroblox.com/Robux120h/8

Search URL Search Domain Scan URL

URL: https://shophct247.com/nap-tien-qua-ngan-hang/
Title: tại đây

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gdtghct/
Title: HUỲNH CHÍ TRUNG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gdtghct

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZ9zqGZFVfJ6e3IHzFBCEXg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vutapcode
Title: NAV

Search URL Search Domain Scan URL

URL: https://zalo.me/0924999123

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://imgur.com/QLmYw0V.png HTTP 301
https://i.imgur.com/QLmYw0V.png

Request Chain 35

https://youtube.com/embed/xIASkC83N0E HTTP 301
https://www.youtube.com/embed/xIASkC83N0E

Request Chain 57

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mail.trungtamroblox.com/ 171 KB
22 KB 1844ms
236ms Document
text/html 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 98b08f56975bd8717a7490d09919b27efb00f19bd53eef8e225c78d39174a047

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 22:07:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
868 B 141ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Goldman&display=swap

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06d38e256fa08f4d88fc665202fd56ebe6680ea7c6ad7e0e98b638452c21a825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 22:07:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 22:07:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
886 B 143ms
51ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

223d601e88c26b2ea17543a5b60c7dbfdf2c6bddd92614af40232e894f34b652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 22:07:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 22:07:29 GMT

GET
H2 200 style.css
mail.trungtamroblox.com/template/theme/assets/frontend/css/ 59 KB
12 KB 451ms
443ms Stylesheet
text/css 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/css/style.css?v=1621615725
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 0c90e30513afce89df4a05bf3421dc6771f0cf918eea82a29bcbd64e8ba53967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11653
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 css.css
mail.trungtamroblox.com/template/ 462 B
247 B 453ms
444ms Stylesheet
text/css 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/css.css
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 8c85869906d27589ef9f4af9c7b4e50e7303835e929df4c0b03656f7b0441a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 215
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.0.7/css/ 62 KB
11 KB 50ms
22ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13747043
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GZCCPBBP539TQY47B40A3XWE-fra
server: cloudflare
etag: W/"f703-kEpTqbib37RBQP2PIpppYa/VnfU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81297511ecc4bbdd-FRA

GET
H2 200 jquery-2.1.0.min.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/plugins/jquery/ 82 KB
28 KB 453ms
445ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 3f63164ff0f908bb4162cd5c58bd91e3e5e019a5b3b7caefe3733815b3656514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28603
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 bootstrap.min.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/plugins/bootstrap/js/ 36 KB
9 KB 468ms
460ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/plugins/bootstrap/js/bootstrap.min.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 612553e6a88fa4e0196ef0c81f332c75ce887d471b1dd0abe2c3bd05ce861353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9528
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 lazyload.js Show response
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/ 6 KB
2 KB 72ms
16ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14113450
x-jsd-version: 2.0.0-rc.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230063-FRA, cache-yyz4535-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tngSMEJWp%2BlJKAh9s%2BF%2FqI4xZ6J77RMAOrPkMFWHnHLQsZok0838ktcgeU%2FruCCNIIa1pwQOJlRjkHldHWTyJa9kHjj4lBB4NeC1YGTQiJl4gGvw7jYiMu55jX0qXuNaWVj274v6yfMJ9iFkec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8129751218543a8a-FRA

GET
H2 200 jquery.cookie.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/plugins/jquery-cookie/ 2 KB
851 B 469ms
462ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/plugins/jquery-cookie/jquery.cookie.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: be000dd9f3dde05e61469d7846067b1c346fb9953024b70cbf8ab66fadfc57f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 818
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 js.cookie.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/theme/assets/plugins/js-cookie/ 3 KB
1 KB 469ms
462ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/theme/assets/plugins/js-cookie/js.cookie.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: ae1b952722e8297601f246c542205e30d25321b73153e0bd88f0a694e592f593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1069
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 bootstrap-datepicker.min.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/theme/assets/plugins/bootstrap-datepicker/js/ 33 KB
10 KB 470ms
463ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/theme/assets/plugins/bootstrap-datepicker/js/bootstrap-datepicker.min.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: e938ccaf6d664fa5663d08d918ef5be0c049b5794fa469c91ed9afee32399c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9768
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 kun.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/js/ 4 KB
984 B 680ms
674ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/js/kun.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 267d7e881bfe440ec22e504a58edd746fce25c67db57d14ee90f1075310f5940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 951
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 backtotop.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/js/ 944 B
385 B 681ms
674ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/js/backtotop.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 2944868ff972d8d744004100daa99513d864183764505363d42b9f504d9bfe7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 352
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 68 KB
19 KB 73ms
19ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e40bead9cdb36412578196519d28035ee67c47d109d18e7e216f0da55be1e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 188
x-jsd-version: 11.7.32
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-jnb7026-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"110ad-1vwpTWZ+mHiuDTzQ9wZKrTHZo2Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0gKa2hETzy7Hzn8ZLH9WkxCshaGRBPE9TevKLW8fi5y63Tnc1U167RHmnvBxnRTDYJZEGonlZomWvXiJlYYeRCWLphpasHYb6xNN1NUAZmOJ8j71P2J9%2FeBl1iVBOa0mIhZ%2BcyWuSm4AeTM7mA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8129751218563a8a-FRA

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 56ms
22ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10114432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WssGqqW6TePGaSaMYqvt7TWXBaw8yVFcHPp5%2FMQUT86jWaykIWtLFxu6Ar3SeS0rPRjUXpe8Rjm6O%2FmBv%2Fn9ERxjSgNViDmi6OMglypSyg9b1ckIJ3xItAdqSXtBH0cOm1Ce31qHUgjlmtt9GXrgjYts"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81297511fc00690f-FRA
expires: Thu, 26 Sep 2024 22:07:29 GMT

GET
H2 200 jquery.dataTables.css
cdn.datatables.net/1.10.24/css/ 16 KB
2 KB 58ms
27ms Stylesheet
text/css 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.24/css/jquery.dataTables.css

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57b0cece766a47beabbf2d2da5ae6d6b75e108aa5669555e38123bd9f1d701e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21486368
content-length: 2369
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "114109d-3ec4-5ed32f45c3a68-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81297511f9303614-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 01 Feb 2024 05:41:21 GMT

GET
H2 200 jquery.dataTables.js Show response
cdn.datatables.net/1.10.24/js/ 440 KB
112 KB 50ms
19ms Script
application/javascript 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.24/js/jquery.dataTables.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67443c3e2b3a31a2d1039888e7e35979079e927a96d6c95ed3a947facc024d6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21486355
last-modified: Fri, 11 Nov 2022 14:46:27 GMT
server: cloudflare
etag: "11410bb-6df4f-5ed32f45c4a08-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
cf-ray: 81297511f9313614-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 01 Feb 2024 05:41:34 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.2/dist/ 7 KB
3 KB 68ms
15ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.2/dist/lazyload.min.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28762ea362d067f6cdfc31442f0255cbf2998d5f388672e6156378ca30f2514b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11455495
x-jsd-version: 17.3.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230069-FRA, cache-yyz4560-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1d93-ydxKWtG8r6eGCK9bRg4vRr22VFM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2cEtaQ7FJqP5uvdo5WQGiawhaElPINj7zF3tV9SuCco6F0tpYUoewNLcxksmSCdAZzXozXGWfePJq8hiYPnMF7JLL2kVdZFp5HvwoRLh15gL%2B63OxxIfzzJ%2B%2FADwWVU%2FFbEAAIYN9Y8Utd0mYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8129751218573a8a-FRA

GET
H2 200 cute-alert.js Show response
mail.trungtamroblox.com/template/cute-alert/ 4 KB
999 B 681ms
675ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/cute-alert/cute-alert.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 09157ed9222cf4abc019f4bd7632e6883dc6f264a5969d4bc32f1e9bef98651d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 966
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 style.css
mail.trungtamroblox.com/template/cute-alert/ 6 KB
1 KB 467ms
462ms Stylesheet
text/css 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/cute-alert/style.css
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: cccef55ef7bf38bf8d0cf226e6e3c3bec27f9b1cc78476b6ace3d60bd93e84ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1162
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 style.css
mail.trungtamroblox.com/ 12 KB
3 KB 468ms
463ms Stylesheet
text/css 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/style.css
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 38cdd8374f3dab605c85e9a5da2373f37bc5f535c1f994b4bebcbe945824bf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Fri, 22 Oct 2021 09:22:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2671
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 iziToast.min.js Show response
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/ 18 KB
5 KB 43ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/iziToast.min.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2690547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4441
last-modified: Thu, 22 Jun 2023 11:05:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b10-1159"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YfrSe9xdZi0nr4%2Fjmbx6QFoU8A3nhFGQhmez0cSZVXYHdrRc%2B8v8n%2BFOE5IPxp%2B3Tp2ZKsr9Gb54kl8Y9QnN%2B%2FgL%2BF8HJNAl03%2Bgw5e3JWlzFgeQ9MVur9uCsOz1KcG2uP%2B%2FWzawU4l%2Bojnd16YTWm0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81297511ee392c22-FRA
expires: Thu, 26 Sep 2024 22:07:29 GMT

GET
H2 200 iziToast.min.css
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/ 41 KB
10 KB 45ms
21ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/iziToast.min.css

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5291222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9409
last-modified: Thu, 22 Jun 2023 11:05:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b10-24c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31kl5VTOe6uQDTXbwk0UDAAgOOIvnfyCtp9DfFOoCyX84pfxGMQXQ6pWkB1h4fDZiP5Cb0cccAU9BPU%2F2v1LabRtPBHhM%2FhWb%2BEWQHWfKIcfBOb8%2FTN8xCx7V1cbhu9bObvrC45HUlfIY9WzrhZbSlqm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81297511ee362c22-FRA
expires: Thu, 26 Sep 2024 22:07:29 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 98 KB
17 KB 44ms
20ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 333324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17041
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-4291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=br3IR0MO8WFZHNfgP9y%2F0HoCOfmu6f4RKwrrGj7CLV6HDM1Fn5VHjKVAu5UdNoLOW9c8srqCP57o489ncNKN0%2BwQ%2FWfAld8vTZUXDFZrOiQ3H1t%2BJCVa8K63krtxvEDyLfUyGaRLcM0dq8%2BrD4ELkBIu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81297511ee382c22-FRA
expires: Thu, 26 Sep 2024 22:07:29 GMT

GET
H2 200 logo_dark7V4.png
mail.trungtamroblox.com/assets/storage/theme/ 387 KB
388 KB 231ms
230ms Image
image/png 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.trungtamroblox.com/assets/storage/theme/logo_dark7V4.png
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 5427973b9a0315cb6951147e4b7ac4c9b1f4fffadf827c566d21c82423c69623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
last-modified: Fri, 31 Mar 2023 14:20:16 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 396538
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2

200

QLmYw0V.png
i.imgur.com/
Redirect Chain

https://imgur.com/QLmYw0V.png
https://i.imgur.com/QLmYw0V.png

65 KB
66 KB

31ms
8ms

Image
image/png

146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/QLmYw0V.png

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2f4f901450186bdce3b853b9225953d36fdf83b835637bcfdfed60594d92694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 599631
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 66583
x-served-by: cache-iad-kcgs7200146-IAD, cache-fra-etou8220024-FRA
last-modified: Sat, 05 Aug 2023 09:37:05 GMT
server: cat factory 1.0
x-timer: S1696716450.405723,VS0,VE2
etag: "f086563bc7c59e09b9913e9d74b18a27"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Zhkb8SdcDfNXKXSem6gLvk-AGYXhYYpRfe0Tw_HAOpIHcqjngq1jzw==
x-cache-hits: 4, 1

Redirect headers

x-cache-hits: 0
date: Sat, 07 Oct 2023 22:07:30 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1696716450.342664,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/QLmYw0V.png
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-eddf8230068-FRA

GET
H2 200 footer.js Show response
mail.trungtamroblox.com/template/theme/assets/frontend/js/ 1 KB
312 B 230ms
230ms Script
application/javascript 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/js/footer.js
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: fb28c76cb5f82cad6884749c775459e5511b6f210b79691e311f06b5d60c0536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
content-encoding: br
last-modified: Sat, 07 Aug 2021 04:26:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 280
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.6/ 10 KB
3 KB 20ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.6/clipboard.min.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4513709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2953
last-modified: Thu, 22 Jun 2023 10:57:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942929-b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmcJUJphrFwfVkTbGk3ys5IDjvWkmap7y3rqHlesY464eF6QIkGaqFuDbYBNtUGd4YHgd3CAY3kHpClIQmKUcFR0Cl1AhScYYIC29lNqLS2InK8fJ%2FGKRCw0Me%2Bb95aK%2BwWSEM2zUWpiNAXTNe6uItu7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812975161e6b690f-FRA
expires: Thu, 26 Sep 2024 22:07:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d143e7f0831eec9d70d319ea48e7c6c333e42bd9df13c198c0b39a3cc6a51f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mail.trungtamroblox.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 22:07:30 GMT
content-md5: y6hsy8JG5h+nRSF8bCo2XA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: mV8ooby5oGx/G/68773gEcWzAhBOaXd9E46eNF7WXYYt8+r9PO5zjZ6yPGeifwpKooCSGas9KokLDf9v8uNRkg==
x-fb-content-md5: a10cfcb41da1734690e050e5bd099f74
cross-origin-opener-policy: same-origin-allow-popups
etag: "aa3803e1523793182252c1af414c3f54"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Oct 2023 22:18:42 GMT

GET
H2 200 boxicons.js Show response
unpkg.com/boxicons@2.1.1/dist/ 13 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.1.1/dist/boxicons.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

771792c29967271ab7d5dc2d674b532eb7e621105faaa0f1375672e920f319ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 24413813
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GNEG1XKWYZ6NV3N990621RAQ-fra
server: cloudflare
etag: W/"3303-GVZxmno9jwZ5q1NdVs23GVOuXzw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812975166891bbdd-FRA

GET
H2 200 icon-zalo-chat-white.png
hanoimobile.vn/themes/template/images/ 9 KB
9 KB 2164ms
217ms Image
image/png 42.112.30.39
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hanoimobile.vn/themes/template/images/icon-zalo-chat-white.png
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 42.112.30.39 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS: 3039.hostingviet.vn
Software: LiteSpeed /
Resource Hash: 7b7b1fa1deb5354522f67f666901417b9acce4ab0e0ffc7b7c7bc585bead1e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:32 GMT
last-modified: Fri, 11 Dec 2020 16:44:17 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=7776000
accept-ranges: bytes
content-length: 9263
expires: Fri, 05 Jan 2024 22:07:32 GMT

GET
H2 200 css2
fonts.googleapis.com/ 418 B
390 B 48ms
46ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Redressed&display=swap

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cc9781a58054c05b9412130f3edba56b5aab53aa6da702a5ee6702b0329857f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 22:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 22:07:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 22:07:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
903 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/template/cute-alert/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a14d71c9fa9719eae556f9589eaa64b6e9e2b9c89a7f0784f1c9f06ff4fbf2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 22:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 20:07:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 22:07:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
548 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dosis:wght@800&display=swap

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/template/cute-alert/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92aa27aae201bbb1fafe8a4be71ab94c1c3d8ef17a085ff40636775c794cee13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 22:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 22:00:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 22:07:30 GMT

GET
H2 200 backgroundENB.png
mail.trungtamroblox.com/assets/storage/theme/ 47 KB
47 KB 457ms
455ms Image
image/png 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.trungtamroblox.com/assets/storage/theme/backgroundENB.png
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: eb4e9a7c8f0e7cf65b165b82069819cd3ef2fe3ce52cc8b4fccfd1ad38295e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:29 GMT
last-modified: Mon, 28 Nov 2022 07:43:51 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 48294
expires: Sat, 14 Oct 2023 22:07:29 GMT

GET
H2

200

xIASkC83N0E Show response
www.youtube.com/embed/ Frame E16E
Redirect Chain

https://youtube.com/embed/xIASkC83N0E
https://www.youtube.com/embed/xIASkC83N0E

89 KB
39 KB

216ms
128ms

Document
text/html

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/xIASkC83N0E

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94cfd328275495589e7aded5913745ec4c552bdeb9bc87da732af766b491fa36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.trungtamroblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-h8BBoiwpcbaa6V1wr9QnTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 22:07:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=31536000
content-length: 0
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 22:07:30 GMT
expires: Sat, 07 Oct 2023 22:07:30 GMT
location: https://www.youtube.com/embed/xIASkC83N0E
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vi_VN/sdk/ 318 KB
91 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Requested by

Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44d5fe80ae053f2d7dca114254c1ca1ae7abc095cd99d36af113e78fa3493a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 22:07:30 GMT
content-md5: 1VffQzV2oCrd/ogvnEA2zQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91971
x-fb-debug: Im7u4/8l0gvrS/pCYawVLVTcWLb9MfHdalObwVKc66eSvqz32msYjVXiMQkCsfmpzvswSy00Uf+zjYzI2sB+SQ==
x-fb-content-md5: cfd0c141c4c26b6d2f41066875a67371
cross-origin-opener-policy: same-origin-allow-popups
etag: "cc2314d1ef3da225a9c7f5213a67de65"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Oct 2023 22:19:03 GMT

GET
H2 404 flicker.gif
demonstore.shop/assets/img/ 0
0 51ms
17ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demonstore.shop/assets/img/flicker.gif
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 121ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:46:14 GMT
x-content-type-options: nosniff
age: 238876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:46:14 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 130ms
44ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 175255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:26:35 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/ 151 KB
151 KB 15ms
14ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d7854a5e060542337a731983a1f0c053e1d7412dd69b4ffdebc37e9028eeac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6414844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 154228
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3c-25a74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycVQ7UAFTNbzHjs5nuRzmdkxLa%2B8g%2FSYgd%2FZoPh7Pdte3J4YftLH7IcubX4EHKAF0%2BlklLBtya5zMz3rvKL7hqxPLDfKHClb961ERrcrkPrgZnk1hMlBU040QTpRP36ZfKWEZjPk46eL3r2EY1E2QLbM"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81297516aa462c22-FRA
expires: Thu, 26 Sep 2024 22:07:30 GMT

GET
H2 200 boxicons.woff2
unpkg.com/boxicons@2.0.7/fonts/ 91 KB
91 KB 49ms
23ms Font
font/woff2 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.7/fonts/boxicons.woff2

Requested by

Host: unpkg.com
URL: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14226404
content-length: 93260
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY3HAN79E1N0HMTBES5WE1D-fra
server: cloudflare
etag: "16c4c-pVld0x4LunUHF9iDN+x/LvuPssw"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81297516cd8d35ff-FRA

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 5 KB
6 KB 155ms
74ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:31:04 GMT
x-content-type-options: nosniff
age: 408986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:11:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 04:31:04 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 11 KB
12 KB 161ms
80ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:52:58 GMT
x-content-type-options: nosniff
age: 483272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Oct 2024 07:52:58 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 12 KB
12 KB 165ms
87ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:11:13 GMT
x-content-type-options: nosniff
age: 176177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11816
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:11:13 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 6 KB
6 KB 172ms
95ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.trungtamroblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 22:23:20 GMT
x-content-type-options: nosniff
age: 603850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5696
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 22:23:20 GMT

GET /
www.facebook.com/plugins/customer_chat/SDK/ 0
0

GET /
www.facebook.com/plugins/customer_chat/facade/ 0
0

GET
H2 200 loaithe.php Show response
mail.trungtamroblox.com/api/ 289 B
222 B 512ms
512ms XHR
text/html 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/api/loaithe.php
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 1134ba75ccbe496459b707b549d37c6a6b204d86f02ee678ba64c07980f89eb6

Request headers

Accept: */*
Referer: https://mail.trungtamroblox.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
content-encoding: br
server: LiteSpeed
content-length: 162
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 menhgia.php Show response
mail.trungtamroblox.com/api/ 392 B
179 B 512ms
512ms XHR
text/html 103.200.23.160
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.trungtamroblox.com/api/menhgia.php
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: host160.vietnix.vn
Software: LiteSpeed /
Resource Hash: 60ce1d4a2bfc9670c16c208944d2299aac3168f08bf926c0067738f46f7858bd

Request headers

Accept: */*
Referer: https://mail.trungtamroblox.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
content-encoding: br
server: LiteSpeed
content-length: 142
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 zknca76k52.gif
img.upanh.tv/2022/06/20/ 4 MB
4 MB 1350ms
1320ms Image
image/gif 2606:4700:3038::6815:e9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.upanh.tv/2022/06/20/zknca76k52.gif
Requested by: Host: mail.trungtamroblox.com
URL: https://mail.trungtamroblox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 479906420d561ae742df7a9778b926625ad167bc36adff3dd7189597684e439c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.trungtamroblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 28AFA7CC6C6CFA47:A
alt-svc: h3=":443"; ma=86400
content-length: 4465701
x-amz-id-2: AvkdDhnEFy6AnKLuI6SShmQieJ8rJozUMKLhjHFW3uyxAETLNmap0MgG7xAwRa17DJN1n2n45VJ6
last-modified: Mon, 20 Jun 2022 07:10:07 GMT
server: cloudflare
etag: "f8232bcd45fa73ee19afc75b91c9c651"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28GzI7m8qtoZJM0Jnup2JOrJ59xxJfL78%2F%2Bvk8But7ZL1%2F0LemGOeQD3jRwYYPnOIk8xb9xhakZO0PZ6%2BXfhhH9TsGBvGKfyevSSglCIZYuCF2qeriCa4se2IJ719ycQwwzdN%2Fsn6wx%2BNYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 812975181a7e3a43-FRA

GET
H2 200 www-player.css
www.youtube.com/s/player/4a66ccde/ Frame E16E 378 KB
48 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xIASkC83N0E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:29:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48950
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Oct 2024 21:29:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E16E 15 KB
15 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 55221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 06:47:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E16E 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 175255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:26:35 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame E16E 54 KB
17 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b13a5961fffca30fc0a549563aa898c554f5f9d3e6c381c398547f6b02b644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xIASkC83N0E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:56:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17035
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 08:56:28 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/ Frame E16E 316 KB
95 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xIASkC83N0E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96853
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Oct 2024 21:38:04 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame E16E 2 MB
787 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1f4f1ba51ead3481418ac13fc4a1e511a2db55afc68869bcbe3384a1e59071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xIASkC83N0E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 805318
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 08:56:28 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E16E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

48ms
47ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82934244f634b8e3363382769f4b7718a2e7bfcdac3b813607267d3bc1c61b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 07 Oct 2023 22:07:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E16E 29 B
495 B 124ms
39ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:00:32 GMT
x-content-type-options: nosniff
age: 419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 22:15:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 131ms
45ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 07 Oct 2023 22:07:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E16E 68 KB
32 KB 55ms
54ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb47af9f67a6dbf2ed24f58cc05573662e9a96c95ffaa32377ee4fcc0e84e820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 07 Oct 2023 22:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32091
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame E16E 116 KB
33 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c89f8e1feb8fbe2f9cc3c82546df36f66a3a65cf3772799e4c6f448e03bd678e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xIASkC83N0E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:57:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33715
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Oct 2024 08:57:29 GMT

GET
H2 200 t4fJDjrajMFffKEPgt5ujlKGQZX2brfqiHRjwjXPczQ.js Show response
www.google.com/js/th/ Frame E16E 37 KB
15 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/t4fJDjrajMFffKEPgt5ujlKGQZX2brfqiHRjwjXPczQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b787c90e3ada8cc15f7ca10f82de6e8e52864195f66eb7ea887463c235cf7334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14630
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 02:25:00 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/xIASkC83N0E/ Frame E16E 99 KB
99 KB 138ms
39ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/xIASkC83N0E/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5118ddf58525d18b5c56b26ef4e61ce909e5e1cbd853124a7d6767ce7264123a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:30 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100896
x-xss-protection: 0
server: sffe
etag: "1694226674"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 08 Oct 2023 00:07:30 GMT

GET
DATA 200
OK truncated
/ Frame E16E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OkJie0vYXJI2rmqotBHSvvnW_GgPjZA2bJTwNno9GOqPEk2BvZ_FiO-HLfd5H-g9LcmhnUzfwA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E16E 3 KB
3 KB 138ms
36ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/OkJie0vYXJI2rmqotBHSvvnW_GgPjZA2bJTwNno9GOqPEk2BvZ_FiO-HLfd5H-g9LcmhnUzfwA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58f9571c64566825f334e8be6d6d8801bdd8d6c37a79089a916132f81355f68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 20:28:57 GMT
x-content-type-options: nosniff
age: 5914
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2925
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 08 Oct 2023 20:28:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E16E 12 KB
12 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:22:47 GMT
x-content-type-options: nosniff
age: 258284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 22:22:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E16E 5 KB
5 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 11:25:34 GMT
x-content-type-options: nosniff
age: 384117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 11:25:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E16E 4 KB
2 KB 130ms
46ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 22:07:31 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame E16E 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?2JgKUg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/xIASkC83N0E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xIASkC83N0E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 22:07:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 07 Oct 2023 22:07:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E16E 90 B
134 B 49ms
48ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95703816fe50c444131907a527dbbc76f2ca793c55b52253ff11f3d923a3c623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 07 Oct 2023 22:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/117/ Frame E16E 51 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/117/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 15:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 15:05:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 08 Oct 2023 15:57:56 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E16E 28 B
54 B 55ms
53ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Goog-Request-Time: 1696716453380
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/xIASkC83N0E
X-YouTube-Client-Version: 1.20231003.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt5QkNqcmJUbkxJcyiirYepBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1696716450833&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C753%2C350&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 07 Oct 2023 22:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 07 Oct 2023 22:07:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2518ba9a2538dc%26domain%3Dmail.trungtamroblox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmail.trungtamroblox.com%252Ff38e39f3a07c6dc%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmail.trungtamroblox.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=c733ac23-5889-4732-b2f7-0035ceaab7ae&page_id=113074611388259&request_time=1696716450481&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2518ba9a2538dc%26domain%3Dmail.trungtamroblox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmail.trungtamroblox.com%252Ff38e39f3a07c6dc%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmail.trungtamroblox.com%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=c733ac23-5889-4732-b2f7-0035ceaab7ae&page_id=113074611388259&request_time=1696716450481&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mail.trungtamroblox.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0faa4c419002fa31916e7a53255aafb5
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Xg0ab1HPnfg
.youtube.com/	1970-01-20 19:37:48	Name: VISITOR_INFO1_LIVE Value: yBCjrbTnLIs

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://demonstore.shop/assets/img/flicker.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://mail.trungtamroblox.com/ Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2518ba9a2538dc%26domain%3Dmail.trungtamroblox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmail.trungtamroblox.com%252Ff38e39f3a07c6dc%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmail.trungtamroblox.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=c733ac23-5889-4732-b2f7-0035ceaab7ae&page_id=113074611388259&request_time=1696716450481&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://mail.trungtamroblox.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2518ba9a2538dc%26domain%3Dmail.trungtamroblox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmail.trungtamroblox.com%252Ff38e39f3a07c6dc%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmail.trungtamroblox.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=c733ac23-5889-4732-b2f7-0035ceaab7ae&page_id=113074611388259&request_time=1696716450481&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.trungtamroblox.com/ Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2518ba9a2538dc%26domain%3Dmail.trungtamroblox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmail.trungtamroblox.com%252Ff38e39f3a07c6dc%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmail.trungtamroblox.com%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=c733ac23-5889-4732-b2f7-0035ceaab7ae&page_id=113074611388259&request_time=1696716450481&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://mail.trungtamroblox.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2518ba9a2538dc%26domain%3Dmail.trungtamroblox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmail.trungtamroblox.com%252Ff38e39f3a07c6dc%26relation%3Dparent.parent&current_url=https%3A%2F%2Fmail.trungtamroblox.com%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=c733ac23-5889-4732-b2f7-0035ceaab7ae&page_id=113074611388259&request_time=1696716450481&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.datatables.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
demonstore.shop
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hanoimobile.vn
i.imgur.com
i.ytimg.com
img.upanh.tv
imgur.com
jnn-pa.googleapis.com
mail.trungtamroblox.com
static.doubleclick.net
unpkg.com
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
youtube.com
yt3.ggpht.com
www.facebook.com
103.200.23.160
146.75.120.193
199.232.196.193
2606:4700:10::ac43:e8b
2606:4700:3038::6815:e9c6
2606:4700::6810:5614
2606:4700::6810:7caf
2606:4700::6811:180e
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::2016
2a00:1450:4001:829::2001
2a00:1450:4001:829::200e
2a03:2880:f084:105:face:b00c:0:3
2a06:98c1:3121::3
42.112.30.39
06d38e256fa08f4d88fc665202fd56ebe6680ea7c6ad7e0e98b638452c21a825
08b13a5961fffca30fc0a549563aa898c554f5f9d3e6c381c398547f6b02b644
09157ed9222cf4abc019f4bd7632e6883dc6f264a5969d4bc32f1e9bef98651d
0c90e30513afce89df4a05bf3421dc6771f0cf918eea82a29bcbd64e8ba53967
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
1134ba75ccbe496459b707b549d37c6a6b204d86f02ee678ba64c07980f89eb6
1f1f4f1ba51ead3481418ac13fc4a1e511a2db55afc68869bcbe3384a1e59071
1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba
223d601e88c26b2ea17543a5b60c7dbfdf2c6bddd92614af40232e894f34b652
267d7e881bfe440ec22e504a58edd746fce25c67db57d14ee90f1075310f5940
28762ea362d067f6cdfc31442f0255cbf2998d5f388672e6156378ca30f2514b
2944868ff972d8d744004100daa99513d864183764505363d42b9f504d9bfe7a
2e40bead9cdb36412578196519d28035ee67c47d109d18e7e216f0da55be1e3a
2f4f901450186bdce3b853b9225953d36fdf83b835637bcfdfed60594d92694e
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
38cdd8374f3dab605c85e9a5da2373f37bc5f535c1f994b4bebcbe945824bf45
3cc9781a58054c05b9412130f3edba56b5aab53aa6da702a5ee6702b0329857f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f63164ff0f908bb4162cd5c58bd91e3e5e019a5b3b7caefe3733815b3656514
43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35
44d5fe80ae053f2d7dca114254c1ca1ae7abc095cd99d36af113e78fa3493a2c
479906420d561ae742df7a9778b926625ad167bc36adff3dd7189597684e439c
48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600
5118ddf58525d18b5c56b26ef4e61ce909e5e1cbd853124a7d6767ce7264123a
5427973b9a0315cb6951147e4b7ac4c9b1f4fffadf827c566d21c82423c69623
57b0cece766a47beabbf2d2da5ae6d6b75e108aa5669555e38123bd9f1d701e8
58f9571c64566825f334e8be6d6d8801bdd8d6c37a79089a916132f81355f68a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60ce1d4a2bfc9670c16c208944d2299aac3168f08bf926c0067738f46f7858bd
612553e6a88fa4e0196ef0c81f332c75ce887d471b1dd0abe2c3bd05ce861353
67443c3e2b3a31a2d1039888e7e35979079e927a96d6c95ed3a947facc024d6b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
771792c29967271ab7d5dc2d674b532eb7e621105faaa0f1375672e920f319ef
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b7b1fa1deb5354522f67f666901417b9acce4ab0e0ffc7b7c7bc585bead1e30
7d143e7f0831eec9d70d319ea48e7c6c333e42bd9df13c198c0b39a3cc6a51f2
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
82934244f634b8e3363382769f4b7718a2e7bfcdac3b813607267d3bc1c61b5a
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8c85869906d27589ef9f4af9c7b4e50e7303835e929df4c0b03656f7b0441a18
92aa27aae201bbb1fafe8a4be71ab94c1c3d8ef17a085ff40636775c794cee13
94cfd328275495589e7aded5913745ec4c552bdeb9bc87da732af766b491fa36
95703816fe50c444131907a527dbbc76f2ca793c55b52253ff11f3d923a3c623
98b08f56975bd8717a7490d09919b27efb00f19bd53eef8e225c78d39174a047
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a14d71c9fa9719eae556f9589eaa64b6e9e2b9c89a7f0784f1c9f06ff4fbf2d5
a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799
ae1b952722e8297601f246c542205e30d25321b73153e0bd88f0a694e592f593
b787c90e3ada8cc15f7ca10f82de6e8e52864195f66eb7ea887463c235cf7334
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
be000dd9f3dde05e61469d7846067b1c346fb9953024b70cbf8ab66fadfc57f8
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a
c89f8e1feb8fbe2f9cc3c82546df36f66a3a65cf3772799e4c6f448e03bd678e
cb47af9f67a6dbf2ed24f58cc05573662e9a96c95ffaa32377ee4fcc0e84e820
cccef55ef7bf38bf8d0cf226e6e3c3bec27f9b1cc78476b6ace3d60bd93e84ce
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e938ccaf6d664fa5663d08d918ef5be0c049b5794fa469c91ed9afee32399c51
eb4e9a7c8f0e7cf65b165b82069819cd3ef2fe3ce52cc8b4fccfd1ad38295e1c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3d7854a5e060542337a731983a1f0c053e1d7412dd69b4ffdebc37e9028eeac
fb28c76cb5f82cad6884749c775459e5511b6f210b79691e311f06b5d60c0536

mail.trungtamroblox.com Open in urlscan Pro 103.200.23.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

95 %HTTPS

82 %IPv6

18 Domains

23 Subdomains

21 IPs

3 Countries

6797 kBTransfer

10520 kBSize

3 Cookies

10 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

mail.trungtamroblox.com Open in urlscan Pro
103.200.23.160 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

95 %
HTTPS

82 %
IPv6

18
Domains

23
Subdomains

21
IPs

3
Countries

6797 kB
Transfer

10520 kB
Size

3
Cookies

74 HTTP transactions
1 data transactions