urlscan.io logo urlscan.io
SecurityTrails logo

baovesusonglcxt.com Open in urlscan Pro
148.66.138.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://baovesusonglcxt.com/b/gb/?w7a.V1&6vl-H5342
Effective URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Submission: On January 30 via manual from AU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 60 HTTP transactions. The main IP is 148.66.138.107, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is baovesusonglcxt.com.
This is the only time baovesusonglcxt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

35    148.66.138.107 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
baovesusonglcxt.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.209.34.170 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 170.34.209.35.bc.googleusercontent.com
demo.themegrill.com
1    45.32.229.51 (Seattle, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.229.51.vultr.com
themegrilldemos.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
youtu.be
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
Apex Domain
Subdomains		 Transfer
35 baovesusonglcxt.com
baovesusonglcxt.com
376 KB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
748 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
263 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
static.doubleclick.net — Cisco Umbrella Rank: 356
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 13
14 KB
2 themegrill.com
demo.themegrill.com
558 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
5 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 206
5 KB
1 youtu.be
youtu.be — Cisco Umbrella Rank: 5472
1 KB
1 themegrilldemos.com
themegrilldemos.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
60 11
Domain Requested by
35 baovesusonglcxt.com 1 redirects baovesusonglcxt.com
11 www.youtube.com baovesusonglcxt.com
www.youtube.com
6 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com baovesusonglcxt.com
www.youtube.com
2 demo.themegrill.com 2 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 youtu.be 1 redirects
1 www.gstatic.com www.google.com
1 themegrilldemos.com baovesusonglcxt.com
1 fonts.googleapis.com baovesusonglcxt.com
60 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
themegrill.com
youtu.be
wordpress.org
Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Frame ID: EB8350CDACC6A040BCC0A1A96AB35823
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Frame ID: 39A0C5C6E14CC94FBDC8F0B3DE23CAAC
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found – Nhóm Bảo Vệ Sự Sống Lòng Chúa Xót Thương

Page URL History Show full URLs

  1. http://baovesusonglcxt.com/b/gb/?w7a.V1&6vl-H5342 HTTP 301
    http://baovesusonglcxt.com/d/mpmb/ofrh.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

60
Requests

32 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

1413 kB
Transfer

4119 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://baovesusonglcxt.com/b/gb/?w7a.V1&6vl-H5342 HTTP 301
    http://baovesusonglcxt.com/d/mpmb/ofrh.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://demo.themegrill.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png HTTP 301
  • https://demo.themegrill.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png HTTP 301
  • https://themegrilldemos.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
Request Chain 48
  • https://youtu.be/kHIKtlT52fI?_=1 HTTP 303
  • https://www.youtube.com/watch?_=1&v=kHIKtlT52fI&feature=youtu.be
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ofrh.aspx
baovesusonglcxt.com/d/mpmb/
Redirect Chain
  • http://baovesusonglcxt.com/b/gb/?w7a.V1&6vl-H5342
  • http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
28 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache / PHP/7.3.33
Resource Hash
22d51baee8626c4ea4914457cfa138fbeb123405bf70422537d0e3dcaf1922c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 30 Jan 2022 06:59:18 GMT
Server
Apache
X-Powered-By
PHP/7.3.33
X-LiteSpeed-Tag
78f_HTTP.404
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<http://baovesusonglcxt.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 30 Jan 2022 06:59:17 GMT
Server
Apache
X-Powered-By
PHP/7.3.33
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Location
/d/mpmb/ofrh.aspx
Content-Length
0
Keep-Alive
timeout=5
Content-Type
text/html; charset=UTF-8
style.min.css
baovesusonglcxt.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Sep 2021 04:05:58 GMT
Server
Apache
ETag
"6ca02f3-13abe-5cae72efad580-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
10523
wp-emoji-release.min.js
baovesusonglcxt.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 22:15:12 GMT
Server
Apache
ETag
"6ca08fb-4705-5c4487ddedc00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4930
dashicons.min.css
baovesusonglcxt.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/css/dashicons.min.css?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 21:16:22 GMT
Server
Apache
ETag
"6ca034c-e688-5bca85cdbf580-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Transfer-Encoding
chunked
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
everest-forms.css
baovesusonglcxt.com/wp-content/plugins/everest-forms/assets/css/ 		31 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
d65c38e7d99edadf29ed29f841b4fb83b0a2d014f6e815fa4c3b0f6439cebd8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jan 2022 11:30:27 GMT
Server
Apache
ETag
"6ca0bf2-7dc9-5d5c57abbc432-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
3987
junkie-shortcodes.css
baovesusonglcxt.com/wp-content/plugins/theme-junkie-shortcodes/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/plugins/theme-junkie-shortcodes/assets/css/junkie-shortcodes.css?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
43e01213dfe9f3b23f9de93c6d81e78313c61d379eb891f1c41c7a7e39a014c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2017 02:32:10 GMT
Server
Apache
ETag
"6b00ea2-2820-5580373881e80-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
2084
style.css
baovesusonglcxt.com/wp-content/themes/colormag/ 		78 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/style.css?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
64e6c847b43f135af65a335bdf981f8729399643a1b790bf492226f5db1a5b0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:37 GMT
Server
Apache
ETag
"6b0459e-1397e-5cce111821940-gzip"
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
13182
magnific-popup.min.css
baovesusonglcxt.com/wp-content/themes/colormag/js/magnific-popup/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:34 GMT
Server
Apache
ETag
"6b04577-1463-5cce111545280-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1556
font-awesome.min.css
baovesusonglcxt.com/wp-content/themes/colormag/fontawesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:36 GMT
Server
Apache
ETag
"6b2000f-791c-5cce11172d700-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
7057
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f48eb2c2d5c8044b5197f52d003cc7af37f13361d7a95d1d5c05baa5668d92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sun, 30 Jan 2022 06:59:19 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sun, 30 Jan 2022 06:59:19 GMT
jquery.min.js
baovesusonglcxt.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 15:07:24 GMT
Server
Apache
ETag
"6ca0863-15db1-5bd3006388300-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
30908
jquery-migrate.min.js
baovesusonglcxt.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
Apache
ETag
"6ca085b-2bd8-5b45debe27b80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4169
cropped-file-png.jpg
baovesusonglcxt.com/wp-content/uploads/2020/04/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://baovesusonglcxt.com/wp-content/uploads/2020/04/cropped-file-png.jpg
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
e1a0d15770cc4823d2e7ecd64c3fa7446ffff8640bd90334ede7ab536b2d975f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Last-Modified
Wed, 22 Apr 2020 15:06:39 GMT
Server
Apache
ETag
"6b03cd3-cae6-5a3e27aa31dc0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
51942
728x90.png
themegrilldemos.com/colormag/wp-content/uploads/sites/20/2015/03/
Redirect Chain
  • http://demo.themegrill.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
  • https://demo.themegrill.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
  • https://themegrilldemos.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themegrilldemos.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
H2
Server
45.32.229.51 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.229.51.vultr.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Jan 2022 06:59:21 GMT
server
nginx
x-proxy-cache-info
0301 NC:000000 UP:
content-type
text/html; charset=iso-8859-1
location
https://themegrilldemos.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
291
x-proxy-cache
MISS
api.js
www.google.com/recaptcha/ 		919 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=wp_recaptchaLoadCallback&render=explicit
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
544586e67a5a6fe81af03cc115223704c8c6903f9d7f21a71800e82553d9d090
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 30 Jan 2022 06:59:20 GMT
mediaelementplayer-legacy.min.css
baovesusonglcxt.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2020 15:53:06 GMT
Server
Apache
ETag
"6ca08ca-2bf8-5b075c75d5c80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2592
wp-mediaelement.min.css
baovesusonglcxt.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jun 2019 20:45:02 GMT
Server
Apache
ETag
"6ca08d1-105a-58ac1e7924f80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1156
core.min.js
baovesusonglcxt.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Mar 2021 17:48:23 GMT
Server
Apache
ETag
"6ca0873-5133-5bdd334ac27c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
6865
accordion.min.js
baovesusonglcxt.com/wp-includes/js/jquery/ui/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jan 2021 13:35:18 GMT
Server
Apache
ETag
"6ca089b-21d7-5b955069f1180-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2717
tabs.min.js
baovesusonglcxt.com/wp-includes/js/jquery/ui/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Mar 2021 17:48:23 GMT
Server
Apache
ETag
"6ca086b-2e8b-5bdd334ac27c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3909
junkie-shortcodes.js
baovesusonglcxt.com/wp-content/plugins/theme-junkie-shortcodes/assets/js/ 		529 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/plugins/theme-junkie-shortcodes/assets/js/junkie-shortcodes.js
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
92b840865fb96e1d7f95ce8e84a5dbd69d93b7fb8d8de532a80f3f261bfe3afe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2017 02:32:10 GMT
Server
Apache
ETag
"6b00e9d-211-5580373881e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
263
jquery.bxslider.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:33 GMT
Server
Apache
ETag
"6b0456a-5d92-5cce111451040-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
6152
jquery.sticky.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/sticky/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:33 GMT
Server
Apache
ETag
"6b04571-1087-5cce111451040-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1478
jquery.newsTicker.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/news-ticker/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:33 GMT
Server
Apache
ETag
"6b0456e-d6d-5cce111451040-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1077
jquery.magnific-popup.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/magnific-popup/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:34 GMT
Server
Apache
ETag
"6b04576-4d9e-5cce111545280-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
7198
navigation.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/ 		2 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:34 GMT
Server
Apache
ETag
"6b0457b-61f-5cce111545280-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
655
jquery.fitvids.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/fitvids/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:33 GMT
Server
Apache
ETag
"6b04567-6da-5cce111451040-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
774
skip-link-focus-fix.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/ 		325 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:34 GMT
Server
Apache
ETag
"6b0457e-145-5cce111545280-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
242
colormag-custom.min.js
baovesusonglcxt.com/wp-content/themes/colormag/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Sep 2021 07:38:34 GMT
Server
Apache
ETag
"6b0457d-b0a-5cce111545280-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1089
wp-embed.min.js
baovesusonglcxt.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
Apache
ETag
"6ca083f-592-5b83cfce57d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
765
mediaelement-and-player.min.js
baovesusonglcxt.com/wp-includes/js/mediaelement/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2020 15:53:06 GMT
Server
Apache
ETag
"6ca08db-267aa-5b075c75d5c80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
38657
mediaelement-migrate.min.js
baovesusonglcxt.com/wp-includes/js/mediaelement/ 		1 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
Apache
ETag
"6ca08c9-4a9-5b83cfce57d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
544
wp-mediaelement.min.js
baovesusonglcxt.com/wp-includes/js/mediaelement/ 		906 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.3
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jan 2021 13:35:18 GMT
Server
Apache
ETag
"6ca08d3-38a-5b955069f1180-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
475
vimeo.min.js
baovesusonglcxt.com/wp-includes/js/mediaelement/renderers/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2020 15:53:06 GMT
Server
Apache
ETag
"6ca08d6-1940-5b075c75d5c80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2284
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://baovesusonglcxt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 11:15:35 GMT
X-Content-Type-Options
nosniff
Age
330225
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
44656
X-XSS-Protection
0
Last-Modified
Thu, 28 Oct 2021 00:30:43 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Thu, 26 Jan 2023 11:15:35 GMT
fontawesome-webfont.woff2
baovesusonglcxt.com/wp-content/themes/colormag/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://baovesusonglcxt.com/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
http://baovesusonglcxt.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0
Origin
http://baovesusonglcxt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Last-Modified
Sun, 26 Sep 2021 07:38:34 GMT
Server
Apache
ETag
"6b20009-12d68-5cce111545280"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
77160
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://baovesusonglcxt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 20:18:18 GMT
X-Content-Type-Options
nosniff
Age
384062
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
31272
X-XSS-Protection
0
Last-Modified
Thu, 28 Oct 2021 00:30:45 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Wed, 25 Jan 2023 20:18:18 GMT
35266393_1289646064471968_5048804399422373888_n-350x210.jpg
baovesusonglcxt.com/wp-content/uploads/2018/06/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://baovesusonglcxt.com/wp-content/uploads/2018/06/35266393_1289646064471968_5048804399422373888_n-350x210.jpg
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
14b55f7574dab8ed26ad6e73e1db81cd45d65b147057d3b4b21a9cdd4ace4895

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:21 GMT
Last-Modified
Thu, 14 Jun 2018 16:14:50 GMT
Server
Apache
ETag
"6b03228-4786-56e9c66129280"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
18310
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
recaptcha__de.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ 		355 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=wp_recaptchaLoadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://baovesusonglcxt.com/
Origin
http://baovesusonglcxt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 20:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143285
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 20:11:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f15a96cccf7336dc4e930d84c395a235bc4536b6d47b69305680f426a51552df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://baovesusonglcxt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 11:12:00 GMT
X-Content-Type-Options
nosniff
Age
330440
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
14020
X-XSS-Protection
0
Last-Modified
Thu, 28 Oct 2021 00:30:46 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Thu, 26 Jan 2023 11:12:00 GMT
player_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
329a39ab474db744dd4b3ab9ab10fa5d1a45e36a0428232f18390409b9b64b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires
Sun, 30 Jan 2022 06:59:22 GMT
mejs-controls.svg
baovesusonglcxt.com/wp-includes/js/mediaelement/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://baovesusonglcxt.com/wp-includes/js/mediaelement/mejs-controls.svg
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Protocol
HTTP/1.1
Server
148.66.138.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 30 Jan 2022 06:59:22 GMT
Last-Modified
Tue, 01 Aug 2017 04:43:51 GMT
Server
Apache
ETag
"6ca08dc-11f6-555a9cb3a8fc0"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4598
watch
www.youtube.com/
Redirect Chain
  • https://youtu.be/kHIKtlT52fI?_=1
  • https://www.youtube.com/watch?_=1&v=kHIKtlT52fI&feature=youtu.be
0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/watch?_=1&v=kHIKtlT52fI&feature=youtu.be
Requested by
Host: baovesusonglcxt.com
URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Protocol
H2
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Jan 2022 06:59:22 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
location
https://www.youtube.com/watch?_=1&v=kHIKtlT52fI&feature=youtu.be
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA-sBTmFNeq0fgnf2lbHCfMYdIvvSknZD-c-","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-sBTmFNeq0fgnf2lbHCfMYdIvvSknZD-c-"}]}
content-type
application/binary
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-sBTmFNeq0fgnf2lbHCfMYdIvvSknZD-c-"
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/495d0f2b/www-widgetapi.vflset/ 		146 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/495d0f2b/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13981d9c52845e37ee092024bca57dac8e3a897e6261d22b6cab604659e41cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48252
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:14:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 30 Jan 2023 06:25:53 GMT
kHIKtlT52fI
www.youtube.com/embed/ Frame 39A0 		60 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/495d0f2b/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66f6ce207e4fd6c9516c6329bcd27faa6f786e2c2c3b9a67d4cadf3590f7c930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://baovesusonglcxt.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 Jan 2022 06:59:22 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/495d0f2b/ Frame 39A0 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/495d0f2b/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
223343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47680
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:14:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Jan 2023 16:56:59 GMT
www-embed-player.js
www.youtube.com/s/player/495d0f2b/www-embed-player.vflset/ Frame 39A0 		272 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/495d0f2b/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1a64a841a7b050a878fcdf203634dd56456d0f869eecd28adb6fbf13ba29d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
223350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85839
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:14:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Jan 2023 16:56:52 GMT
base.js
www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/ Frame 39A0 		2 MB
534 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c209fa187d4db456c8a122677a9946b89aca10889d31db77c6b1166d0de6a0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:57:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
223302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
546412
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:14:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Jan 2023 16:57:40 GMT
fetch-polyfill.js
www.youtube.com/s/player/495d0f2b/fetch-polyfill.vflset/ Frame 39A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/495d0f2b/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
223350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:14:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Jan 2023 16:56:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 39A0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options
nosniff
age
416477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 11:18:05 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 39A0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ecdac654997293d5fe5eb12496fe9dabd147f93de30ce07738b5de20dfebff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Jan 2022 06:59:23 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 39A0 		29 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/495d0f2b/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:18 GMT
x-content-type-options
nosniff
age
5
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Jan 2022 07:14:18 GMT
Wb0DkGRDS8rigmwPgFLRuQusKZQPatlmaEupOYZWOXc.js
www.google.com/js/th/ Frame 39A0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Wb0DkGRDS8rigmwPgFLRuQusKZQPatlmaEupOYZWOXc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd039064434bcae2826c0f8052d1b90bac29940f6ad966684ba93986563977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 13:43:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
62141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13292
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 13:43:42 GMT
embed.js
www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/ Frame 39A0 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98b07d86cfbf0838199a30ec5d4d5c33050562238bf6ff05627ebee7db819e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 16:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
223302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7617
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 01:14:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Jan 2023 16:57:41 GMT
truncated
/ Frame 39A0 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTFlZ7hWYkdQj6R7JII_cO-b9EbkLVmKoXYQce6uQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 39A0 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLTFlZ7hWYkdQj6R7JII_cO-b9EbkLVmKoXYQce6uQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e09d6f5b77670a49fe6d210d64a64002ade987d9098ea60dea250b9277fa022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:23 GMT
x-content-type-options
nosniff
server
fife
etag
"vd7d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4418
x-xss-protection
0
expires
Mon, 31 Jan 2022 06:59:23 GMT
default.webp
i.ytimg.com/vi_webp/kHIKtlT52fI/ Frame 39A0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/kHIKtlT52fI/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcc9c98f9806a9e43979738a9aa7d100a9cb3f4f7683f4877fb5959c38b429a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:23 GMT
x-content-type-options
nosniff
server
sffe
etag
"1493197893"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4978
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 30 Jan 2022 08:59:23 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 39A0 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 18:59:49 GMT
x-content-type-options
nosniff
age
388774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 18:59:49 GMT
generate_204
www.youtube.com/ Frame 39A0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?YpUYhQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 06:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 39A0 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 20:22:38 GMT
x-content-type-options
nosniff
age
297405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5224
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 20:22:38 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 39A0 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/495d0f2b/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/kHIKtlT52fI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=http%3A%2F%2Fbaovesusonglcxt.com&widgetid=1
X-YouTube-Client-Version
1.20220126.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgsxQ3pHV2YwZ1lnNCjK7tiPBg%3D%3D
X-YouTube-Ad-Signals
dt=1643525962928&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C310%2C174&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 30 Jan 2022 06:59:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 30 Jan 2022 06:59:25 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| recaptcha_widgets function| wp_recaptchaLoadCallback string| c object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: IsxBSYMaQN4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 1CzGWf0gYg4

3 Console Messages

Source Level URL
Text
network error URL: http://baovesusonglcxt.com/d/mpmb/ofrh.aspx
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://themegrilldemos.com/colormag/wp-content/uploads/sites/20/2015/03/728x90.png
Message:
Failed to load resource: the server responded with a status of 500 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baovesusonglcxt.com
demo.themegrill.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
static.doubleclick.net
themegrilldemos.com
www.google.com
www.gstatic.com
www.youtube.com
youtu.be
yt3.ggpht.com
148.66.138.107
2a00:1450:4001:803::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2016
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2004
35.209.34.170
45.32.229.51
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
13981d9c52845e37ee092024bca57dac8e3a897e6261d22b6cab604659e41cc4
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14b55f7574dab8ed26ad6e73e1db81cd45d65b147057d3b4b21a9cdd4ace4895
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1fcc9c98f9806a9e43979738a9aa7d100a9cb3f4f7683f4877fb5959c38b429a
22d51baee8626c4ea4914457cfa138fbeb123405bf70422537d0e3dcaf1922c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
329a39ab474db744dd4b3ab9ab10fa5d1a45e36a0428232f18390409b9b64b01
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
43e01213dfe9f3b23f9de93c6d81e78313c61d379eb891f1c41c7a7e39a014c8
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
544586e67a5a6fe81af03cc115223704c8c6903f9d7f21a71800e82553d9d090
59bd039064434bcae2826c0f8052d1b90bac29940f6ad966684ba93986563977
59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
638caa40d39dec20d95e4119187482e3c5939616252d96ded196b05c2e1cfc27
64e6c847b43f135af65a335bdf981f8729399643a1b790bf492226f5db1a5b0e
66f6ce207e4fd6c9516c6329bcd27faa6f786e2c2c3b9a67d4cadf3590f7c930
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e1a64a841a7b050a878fcdf203634dd56456d0f869eecd28adb6fbf13ba29d4
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
7ecdac654997293d5fe5eb12496fe9dabd147f93de30ce07738b5de20dfebff6
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92b840865fb96e1d7f95ce8e84a5dbd69d93b7fb8d8de532a80f3f261bfe3afe
98b07d86cfbf0838199a30ec5d4d5c33050562238bf6ff05627ebee7db819e17
9f48eb2c2d5c8044b5197f52d003cc7af37f13361d7a95d1d5c05baa5668d92c
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c209fa187d4db456c8a122677a9946b89aca10889d31db77c6b1166d0de6a0f8
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d65c38e7d99edadf29ed29f841b4fb83b0a2d014f6e815fa4c3b0f6439cebd8a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d75561e1329acbfb10dd90ae27ac97aac6d6081e89700a8eaba0ae5ab0156c5f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e09d6f5b77670a49fe6d210d64a64002ade987d9098ea60dea250b9277fa022d
e1a0d15770cc4823d2e7ecd64c3fa7446ffff8640bd90334ede7ab536b2d975f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017
ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f15a96cccf7336dc4e930d84c395a235bc4536b6d47b69305680f426a51552df
f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b