urlscan.io logo urlscan.io
SecurityTrails logo

xn--npth-5q5a1g.vn Open in urlscan Pro Puny
nạpthẻ.vn IDN
2606:4700:3037::ac43:c04d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xn--npth-5q5a1g.vn/
Effective URL: https://xn--npth-5q5a1g.vn/
Submission: On February 28 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 19 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3037::ac43:c04d, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--npth-5q5a1g.vn.
TLS certificate: Issued by R3 on January 5th 2022. Valid for: 3 months.
This is the only time xn--npth-5q5a1g.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.63.212.15 135920 (EHOST-AS-...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 123.30.242.13 45899 (VNPT-AS-V...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 167.179.69.52 20473 (AS-CHOOPA)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
37 19
2    2606:4700:3037::ac43:c04d (United States)

ASN13335 (CLOUDFLARENET, US)
xn--npth-5q5a1g.vn
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    103.63.212.15 (Viet Nam)

ASN135920 (EHOST-AS-VN Ehost software company limited, VN)
PTR: box-103.ehost.vn
kyoo.info
1    2606:4700:10::6816:b53 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn6.aptoide.com
4    2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com
2    123.30.242.13 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn
gamek.mediacdn.vn
img-cdn.2game.vn
1    2a02:26f0:1700:385::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is2-ssl.mzstatic.com
1    167.179.69.52 (Shinagawa, Japan)

ASN20473 (AS-CHOOPA, US)
PTR: 167.179.69.52.vultr.com
vietapkdl.com
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
1    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
5    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
41 KB
5 gstatic.com
fonts.gstatic.com
60 KB
4 googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 431
1 MB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
59 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6342
612 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
16 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
32 KB
2 xn--npth-5q5a1g.vn
xn--npth-5q5a1g.vn
4 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 800
12 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 1915
11 KB
1 vietapkdl.com
vietapkdl.com
46 KB
1 2game.vn
img-cdn.2game.vn
91 KB
1 mzstatic.com
is2-ssl.mzstatic.com — Cisco Umbrella Rank: 1799
120 KB
1 mediacdn.vn
gamek.mediacdn.vn — Cisco Umbrella Rank: 280465
37 KB
1 aptoide.com
cdn6.aptoide.com — Cisco Umbrella Rank: 254437
357 KB
1 kyoo.info
kyoo.info
433 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
11 KB
37 19
Domain Requested by
7 www.googletagmanager.com xn--npth-5q5a1g.vn
5 fonts.gstatic.com fonts.googleapis.com
4 play-lh.googleusercontent.com xn--npth-5q5a1g.vn
3 cdn.jsdelivr.net xn--npth-5q5a1g.vn
2 www.google.de xn--npth-5q5a1g.vn
2 www.google.com 1 redirects xn--npth-5q5a1g.vn
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 xn--npth-5q5a1g.vn 1 redirects
1 fonts.googleapis.com xn--npth-5q5a1g.vn
1 use.fontawesome.com xn--npth-5q5a1g.vn
1 upload.wikimedia.org xn--npth-5q5a1g.vn
1 vietapkdl.com xn--npth-5q5a1g.vn
1 img-cdn.2game.vn xn--npth-5q5a1g.vn
1 is2-ssl.mzstatic.com xn--npth-5q5a1g.vn
1 gamek.mediacdn.vn xn--npth-5q5a1g.vn
1 cdn6.aptoide.com xn--npth-5q5a1g.vn
1 kyoo.info xn--npth-5q5a1g.vn
1 ajax.googleapis.com xn--npth-5q5a1g.vn
1 cdnjs.cloudflare.com xn--npth-5q5a1g.vn
37 20

This site contains no links.

Subject Issuer Validity Valid
*.xn--npth-5q5a1g.vn
R3		 2022-01-05 -
2022-04-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
webmail.yeusimso.com
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.mediacdn.vn
Sectigo RSA Domain Validation Secure Server CA		 2021-06-15 -
2022-07-16		 a year crt.sh
itunes.apple.com
Apple Public EV Server RSA CA 2 - G1		 2021-06-22 -
2022-07-22		 a year crt.sh
*.2game.vn
AlphaSSL CA - SHA256 - G2		 2021-08-31 -
2022-10-02		 a year crt.sh
vietapkdl.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-10-19 -
2022-11-17		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xn--npth-5q5a1g.vn/
Frame ID: 05EC3D62E96424452395C36ED01DC9D2
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cổng thanh toán game online lớn nhất thị trường Việt Nam

Page URL History Show full URLs

  1. http://xn--npth-5q5a1g.vn/ HTTP 301
    https://xn--npth-5q5a1g.vn/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

37
Requests

97 %
HTTPS

79 %
IPv6

19
Domains

20
Subdomains

19
IPs

4
Countries

2638 kB
Transfer

3126 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--npth-5q5a1g.vn/ HTTP 301
    https://xn--npth-5q5a1g.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&auid=1736082728.1646011155&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=EiMcYtu5PLvVx_APptiOyAk&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-conversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&auid=1736082728.1646011155&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=EiMcYtu5PLvVx_APptiOyAk&random=3191369685&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&auid=1736082728.1646011155&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=EiMcYtu5PLvVx_APptiOyAk&random=3191369685&resp=GooglemKTybQhCsO&ipr=y&prhg=0

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn--npth-5q5a1g.vn/
Redirect Chain
  • http://xn--npth-5q5a1g.vn/
  • https://xn--npth-5q5a1g.vn/
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c04d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
6f4ae347b1c2b46e1accb9e858ccb0a5c42ead770a214c229f01e9add99e0c59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.0.15
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAJxegvUm2pWi2AztBYu5vkZ7louYYm6CeDw0GKjtKER5dr4jOKQpOEZsVxRJcHJFoYR0RbBSNe7myWzHofmH7BUi42xs%2FLZcShg5movzWZGDJsV7fCU7P5tDKxazN4oyI8JRnKMkvLbjkTZE%2F2MBn8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e45d2d1aafd9247-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Mon, 28 Feb 2022 01:19:14 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 28 Feb 2022 02:19:14 GMT
Location
https://xn--npth-5q5a1g.vn/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hy6T4e7MaRzPZTZHDqXtgLXpiAKBYfR%2F3uQS4Byrv7xBEWfMWs1wXQBk27sstQXRoXC7eqnFJbs0dSakj02kwtsfUJnYAXf3ntQzSWKvSeCZImclPauR33GZeWn4acvcq4jmMC9rQ0BydKU7hTvhnj0%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6e45d2d14a8692c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--npth-5q5a1g.vn/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1225366
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6e45d2d42ddd90c7-FRA
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10833439093
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83631415e8fa00538501d2b8c78792993c0e59aff8154ac981d2b274753b87df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40945
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Feb 2022 01:19:14 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
278829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10480
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0CpfYCRCCQWjO7Tjqe4wXDprCLEaPw9u70reoUIuQ7I%2FZNR0%2BVJPOoyTuAVM7PYa9NmScHoRgaQpt8sKRbIfed1GRHe2BSWCtTlNhvb1pxBy4ff1QKW%2FFoqI%2B553txL1ZHVN41rWnoE0%2BHxsnc5yNaD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e45d2d42b91908b-FRA
expires
Sat, 18 Feb 2023 01:19:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 12:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Feb 2023 12:37:29 GMT
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/ 		72 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1225361
x-jsd-version
1.7.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19157-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"11e37-gaZqnrLenLCs4BvyXVKzdrhY6WA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6e45d2d42b808fec-FRA
garena-free-fire.png
kyoo.info/wp-content/uploads/2021/07/ 		430 KB
433 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kyoo.info/wp-content/uploads/2021/07/garena-free-fire.png
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.63.212.15 , Viet Nam, ASN135920 (EHOST-AS-VN Ehost software company limited, VN),
Reverse DNS
box-103.ehost.vn
Software
Apache /
Resource Hash
4d23c25dbd1816b9e0c40f87fda6a37b60a32c6489baa5fe5f3ab59d1a5dab1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:15 GMT
last-modified
Sat, 31 Jul 2021 03:24:22 GMT
server
Apache
accept-ranges
bytes
content-length
440105
vary
User-Agent
content-type
image/png
556a9a3fb2921cf09febb7e8bc69ef86_icon.png
cdn6.aptoide.com/imgs/5/5/6/ 		356 KB
357 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.aptoide.com/imgs/5/5/6/556a9a3fb2921cf09febb7e8bc69ef86_icon.png
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d7eb8ff32eca19bb48752e1f74d7c96d7e52b7db32e4064c59a4349a76632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
231904
x-cache-status
HIT
cf-ray
6e45d2d55fcc8fd1-FRA
x-lb-source
lb12
last-modified
Tue, 21 Jan 2020 17:22:31 GMT
server
cloudflare
etag
W/"5e273357-5909b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
799171021
via
1.1 varnish (Varnish/6.2)
cache-control
public, max-age=259200
content-type
image/png
DzZ3En2Wuhx8Jw3FsVsSsyfzT2csAOC5n4H8a64mXmiVp-N_lweEMSY62lbX8Ksc7Ps=s180-rw
play-lh.googleusercontent.com/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/DzZ3En2Wuhx8Jw3FsVsSsyfzT2csAOC5n4H8a64mXmiVp-N_lweEMSY62lbX8Ksc7Ps=s180-rw
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2c2e6fcfd8a03f21f0ac639a30c2e07ea0ab9715735ff0bc7501cd2e52d884ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 22:46:30 GMT
x-content-type-options
nosniff
age
9164
content-disposition
inline;filename="unnamed.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35990
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 13:55:17 GMT
lmtc-1598426474432707064124.png
gamek.mediacdn.vn/133514250583805952/2020/8/26/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gamek.mediacdn.vn/133514250583805952/2020/8/26/lmtc-1598426474432707064124.png
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
VCCloud CDN / 246.14708a0642eb101a9edcdfd197f94c09 /
Resource Hash
ad99be5ad46be8a8dfc432d792cb266f70da1baeb2314afd7b62a66ef03110ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 11:10:24 GMT
server
VCCloud CDN / 246.14708a0642eb101a9edcdfd197f94c09
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
x-cache
HIT from VCCloud CDN
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length
36948
x-xss-protection
1; mode=block
JRd05pyBH41qjgsJuWduRJpDeZG0Hnb0yjf2nWqO7VaGKL10-G5UIygxED-WNOc3pg
play-lh.googleusercontent.com/ 		407 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/JRd05pyBH41qjgsJuWduRJpDeZG0Hnb0yjf2nWqO7VaGKL10-G5UIygxED-WNOc3pg
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
79e358cc6eeb80ca09ffe177810233ca8a9b7a775d79bdbe2f669c202a99dfde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 22:09:11 GMT
x-content-type-options
nosniff
age
11403
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416955
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 23 Feb 2022 06:04:01 GMT
512x512bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple62/v4/91/5f/18/915f185c-84f8-1b8b-0f1c-c0ccebca52ba/source/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is2-ssl.mzstatic.com/image/thumb/Purple62/v4/91/5f/18/915f185c-84f8-1b8b-0f1c-c0ccebca52ba/source/512x512bb.jpg
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:385::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
14af60065bac437cbaf6a6cc48fc88ed9b9c56b16855ff7f7e68d848c0f947aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-apple-jingle-correlation-key
S5J7J6I6SXMQFLBNHH32E7UDDA
strict-transport-security
max-age=31536000; includeSubDomains
etag
"MSwxLjE4LjItMjJBLDIwRTI0MSwxNjQyNzQwNjQwMDMxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwNTE1LG5vRWZmZWN0"
x-b3-traceid
9753f4f91e95d902ac2d39f7a27e8318
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE207:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid
9753f4f9-1e95-d902-ac2d-39f7a27e8318
b3
9753f4f91e95d902ac2d39f7a27e8318-c2ce4b3fb827a558
content-length
121779
server
daiquiri/3.0.0
x-cache
TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.7.2-39280538) (-)
apple-tk
false
last-modified
Fri, 21 Jan 2022 04:50:40 GMT
x-cache-remote
TCP_MISS from a2-20-143-149.deploy.akamaitechnologies.com (AkamaiGHost/10.7.2-39280538) (-)
apple-seq
0.0
date
Mon, 28 Feb 2022 01:19:14 GMT
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control
no-transform, max-age=13364032
x-b3-spanid
c2ce4b3fb827a558
cdnuuid
d2c06e98-6757-46ec-b1a2-fdcab26d4c64-599538879
cw0x8EiZYDwL6x4XKKXDmfQsFDYKO4Q6xIfiyPOvgIjHCpe41QAM_rl4y0dLu0SJOdM
play-lh.googleusercontent.com/ 		493 KB
493 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/cw0x8EiZYDwL6x4XKKXDmfQsFDYKO4Q6xIfiyPOvgIjHCpe41QAM_rl4y0dLu0SJOdM
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
74613bd391b4567091bceb3c94bfda5752e6db101507551057a4d6adf1c679c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 00:06:18 GMT
x-content-type-options
nosniff
age
4376
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
504747
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 22 Feb 2022 13:56:02 GMT
Lien-Minh-Huyen-Thoai-ky-niem-10-nam-1.jpg
img-cdn.2game.vn/pictures/xemgame/2019/09/18/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-cdn.2game.vn/pictures/xemgame/2019/09/18/Lien-Minh-Huyen-Thoai-ky-niem-10-nam-1.jpg
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.30.242.13 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
VCCloud CDN / 246.6ebe6a0895e3986482d4c94516d94d4b /
Resource Hash
843f6db3a6300b252c57045c2e647b6f67b1c2f0829bad0b4455e70fbd40ec41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:15 GMT
x-content-type-options
nosniff
server
VCCloud CDN / 246.6ebe6a0895e3986482d4c94516d94d4b
etag
W/"PSA-K7XzQYuLCB"
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
x-cache
HIT from VCCloud CDN
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length
92194
x-xss-protection
1; mode=block
expires
Mon, 28 Feb 2022 01:09:56 GMT
wXXdqi5YTIMg84WyB3R34Jna8pxdrS20YyRZhdC5Wxm-EA-f5Pg5P2HSBe9vBCEIHz4
play-lh.googleusercontent.com/ 		371 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/wXXdqi5YTIMg84WyB3R34Jna8pxdrS20YyRZhdC5Wxm-EA-f5Pg5P2HSBe9vBCEIHz4
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f0264afc61b07f981061aa559cf9201ebdb2fc58aa564b92b3e2fef3f2e53d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 00:53:41 GMT
x-content-type-options
nosniff
age
1533
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379746
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Feb 2022 07:10:15 GMT
Mobile-Legends-icon.jpg
vietapkdl.com/wp-content/uploads/2021/02/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vietapkdl.com/wp-content/uploads/2021/02/Mobile-Legends-icon.jpg
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.179.69.52 Shinagawa, Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
167.179.69.52.vultr.com
Software
nginx / PleskLin
Resource Hash
f15cec3dade343466c75d989c5814270c45e3329bb99df039328950eda6bbe6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:15 GMT
last-modified
Thu, 04 Nov 2021 03:59:09 GMT
server
nginx
x-powered-by
PleskLin
etag
"61835a8d-b58c"
content-type
image/jpeg
cache-control
public
accept-ranges
bytes
content-length
46476
768px-Facebook-icon-1.png
upload.wikimedia.org/wikipedia/commons/thumb/1/16/Facebook-icon-1.png/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/16/Facebook-icon-1.png/768px-Facebook-icon-1.png
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
71dcf6f9ad80777715ab7edc00c9074f223a4791f9a2ffcfc6a12e4ddbc0ab44
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 27 Feb 2022 03:11:05 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
79689
x-cache-status
hit-front
x-cache
cp3051 hit, cp3053 hit/1
content-disposition
inline;filename*=UTF-8''Facebook-icon-1.png
server-timing
cache;desc="hit-front", host;desc="cp3053"
content-length
10046
x-client-ip
2a03:1b20:6:f011::5e
x-object-meta-sha1base36
jh5yxjyamwmswpl5qewdk5ezolen3bc
last-modified
Sat, 11 Jul 2015 00:00:38 GMT
server
ATS/8.0.8
etag
b982179b127aba15bb89a1831dacf14d
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
x-timestamp
1436572837.50421
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--npth-5q5a1g.vn/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1225363
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6e45d2d51f6890c7-FRA
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2899562
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8JYNFZDW93JXSRFM
x-amz-id-2
jaGAKthb2kzm7GRXMu7lSECCXYPBSj0D95Sd7lyR2cvmGUeSXZvO2Kgoq1A7I+zdvVmwsxh5U0A=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wg4PMKe%2B1R%2F5cRNyqrhaLWHCgBWoM55jq7uJoMp7joDz%2FQq0NiazNF%2FuquIHR7NtX85kRTP2UiV1R4yCszo95vhtem1j39plp0GiVtzfVEO7sUW%2FkabkwCZGTpgptn4%2BNb6Y%2Fn76wuy1J85gssanh1ql"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6e45d2d54db7923b-FRA
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Roboto+Condensed:300,400,700
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab30ff48a1f2bfe6e2199f91fe5513090aa4de1f1bce67d38ed260a47a84e6f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 01:19:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Feb 2022 01:19:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Feb 2022 01:19:14 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10833439093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 01:19:14 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=AW-10833439093&cv=1&v=3&t=t&pid=1933287630&rv=2n0&es=1&e=gtm.init_consent&eid=1&tc=1&z=0
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=AW-10833439093&cv=1&v=3&t=t&pid=1933287630&rv=2n0&es=1&e=gtm.init&eid=2&tc=1&z=0
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=AW-10833439093&cv=1&v=3&t=t&pid=1933287630&rv=2n0&es=1&e=gtm.js&eid=3&tc=1&tr=1rep&epr=1AW.1AW&ti=1rep&z=0
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=AW-10833439093&cv=1&v=3&t=t&pid=1933287630&rv=2n0&es=1&e=*&eid=5&tc=1&z=0
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=AW-10833439093&cv=1&v=3&t=t&pid=1933287630&rv=2n0&es=1&e=gtm.dom&eid=6&tc=1&z=0
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Roboto+Condensed:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
228671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 25 Feb 2023 09:48:03 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Roboto+Condensed:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 08:01:19 GMT
x-content-type-options
nosniff
age
494275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 08:01:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Roboto+Condensed:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
372175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Roboto+Condensed:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 21:18:23 GMT
x-content-type-options
nosniff
age
532851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 21 Feb 2023 21:18:23 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10833439093/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10833439093/?random=1646011154925&cv=9&fst=1646011154925&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec6f377866ae043e308529e3167cd02c9848707f85c546897992e9310141cbf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10833439093/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10833439093/?random=1646011154928&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&auid=1736082728.1646011155&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f49356dfcaeab48ccc8a8166380251b5bb07ab84ed4aa7c36c07db11c7b98d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1216
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/10833439093/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.de/pagead/1p-conversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&auid=1736082728.1646011155&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=EiMcYtu5PLvVx_APptiOyAk&random=3191369685&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/10833439093/?random=13051705&cv=9&fst=1646011154928&num=1&label=XaddCJbhkZEDEPXS5K0o&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&auid=1736082728.1646011155&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=EiMcYtu5PLvVx_APptiOyAk&random=3191369685&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10833439093/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10833439093/?random=1646011154925&cv=9&fst=1646010000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&async=1&fmt=3&is_vtc=1&random=1068275911&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10833439093/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10833439093/?random=1646011154925&cv=9&fst=1646010000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fxn--npth-5q5a1g.vn%2F&tiba=C%E1%BB%95ng%20thanh%20to%C3%A1n%20game%20online%20l%E1%BB%9Bn%20nh%E1%BA%A5t%20th%E1%BB%8B%20tr%C6%B0%E1%BB%9Dng%20Vi%E1%BB%87t%20Nam&async=1&fmt=3&is_vtc=1&random=1068275911&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: xn--npth-5q5a1g.vn
URL: https://xn--npth-5q5a1g.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Roboto+Condensed:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--npth-5q5a1g.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 17:53:18 GMT
x-content-type-options
nosniff
age
545157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 21 Feb 2023 17:53:18 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=AW-10833439093&cv=1&v=3&t=t&pid=1933287630&rv=2n0&es=1&e=gtm.load&eid=7&u=C&tc=1&epr=2AW&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--npth-5q5a1g.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 01:19:17 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| gtag object| dataLayer function| $ function| jQuery function| loadCSS object| google_tag_manager number| uidEvent object| bootstrap object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

2 Cookies

Domain/Path Name / Value
.xn--npth-5q5a1g.vn/ Name: _gcl_au
Value: 1.1.1736082728.1646011155
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdn6.aptoide.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gamek.mediacdn.vn
googleads.g.doubleclick.net
img-cdn.2game.vn
is2-ssl.mzstatic.com
kyoo.info
play-lh.googleusercontent.com
upload.wikimedia.org
use.fontawesome.com
vietapkdl.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
xn--npth-5q5a1g.vn
103.63.212.15
123.30.242.13
142.250.186.162
167.179.69.52
2606:4700:10::6816:b53
2606:4700:3037::ac43:c04d
2606:4700::6810:135e
2606:4700::6810:5814
2620:0:862:ed1a::2:b
2a00:1450:4001:803::2003
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::2016
2a02:26f0:1700:385::2a1
2a06:98c1:3120::7
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
14af60065bac437cbaf6a6cc48fc88ed9b9c56b16855ff7f7e68d848c0f947aa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2c2e6fcfd8a03f21f0ac639a30c2e07ea0ab9715735ff0bc7501cd2e52d884ef
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4d23c25dbd1816b9e0c40f87fda6a37b60a32c6489baa5fe5f3ab59d1a5dab1f
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6f4ae347b1c2b46e1accb9e858ccb0a5c42ead770a214c229f01e9add99e0c59
71dcf6f9ad80777715ab7edc00c9074f223a4791f9a2ffcfc6a12e4ddbc0ab44
74613bd391b4567091bceb3c94bfda5752e6db101507551057a4d6adf1c679c6
79e358cc6eeb80ca09ffe177810233ca8a9b7a775d79bdbe2f669c202a99dfde
83631415e8fa00538501d2b8c78792993c0e59aff8154ac981d2b274753b87df
843f6db3a6300b252c57045c2e647b6f67b1c2f0829bad0b4455e70fbd40ec41
898d7eb8ff32eca19bb48752e1f74d7c96d7e52b7db32e4064c59a4349a76632
a6f49356dfcaeab48ccc8a8166380251b5bb07ab84ed4aa7c36c07db11c7b98d
ab30ff48a1f2bfe6e2199f91fe5513090aa4de1f1bce67d38ed260a47a84e6f1
ad99be5ad46be8a8dfc432d792cb266f70da1baeb2314afd7b62a66ef03110ed
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec6f377866ae043e308529e3167cd02c9848707f85c546897992e9310141cbf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0264afc61b07f981061aa559cf9201ebdb2fc58aa564b92b3e2fef3f2e53d33
f15cec3dade343466c75d989c5814270c45e3329bb99df039328950eda6bbe6d
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3