fakebill.dungkon.me Open in urlscan Pro
188.114.97.3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response fakebill.dungkon.me/	25 KB 7 KB	661ms 625ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e70d616b0355c1c19f3d703e43aeb4fd1a224df7156cfcb59fa0960bf1b7ccf4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b453e714d2d5c1a-FRA content-encoding br content-type text/html date Fri, 16 Aug 2024 23:35:59 GMT last-modified Tue, 11 Apr 2023 18:09:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miNkqw9PC2fKWf0C9IQVAm31rKt1MypWLuYwU3TXzLI7fwu4tmAuBR171wiqPhKgWckZ%2B8I03p3%2BL89wrJGeMfobJJjNXe1pcANc2BvoDX1gcY468qrKkml577ZjRZ05VNHCVZTl"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	bootstrap.min.css fakebill.dungkon.me/assets/	181 KB 27 KB	884ms 883ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fakebill.dungkon.me/assets/bootstrap.min.css Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46c89ed1ac57bcfab95fa2165086dfdff15e53c87823dbdaa7d5c049a56882ea Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 11 Apr 2023 17:19:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEzNSUP9%2BI3Bmcco%2FwDVmoQep1%2Bul84DuY0njN5ZfDi17VUwdpvxrwYgU%2BiitalgG9M2Ub6BnJQ9u0YhqbB68SmvYQOOgUKXsNoazm0lZYfrhTKlVKZskEXyLSRGJI5hFjW6WPLk"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8b453e754f535c1a-FRA alt-svc h3=":443"; ma=86400 expires Fri, 23 Aug 2024 23:35:59 GMT
GET H3	200	mdb.min.css fakebill.dungkon.me/assets/	735 KB 75 KB	1233ms 1231ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fakebill.dungkon.me/assets/mdb.min.css Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97b4940f5007a5fb1e3883a2a71b11573a989a5b2b490c4266cd739b8c253ed3 Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 11 Apr 2023 18:02:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAOkTG6F67R84e3Euhcbo6llUk7nl7YcYhYITuTJxqmA4UW%2B2PY9YQTimbmNhqQUjKzzsdiVu5KMJVgHEhdxQgXOsh7%2BkYi%2FgOmROIJBNVXZVQMlTzA6kjmS7gu5wLbjSplx%2BFfO"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8b453e754f565c1a-FRA alt-svc h3=":443"; ma=86400 expires Fri, 23 Aug 2024 23:35:59 GMT
GET H3	200	theme.css fakebill.dungkon.me/assets/	40 KB 9 KB	640ms 637ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fakebill.dungkon.me/assets/theme.css Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10d6787a22572965ed7c3296ba0d6bbe2580bfc0af57dc7333a14342a4008ccc Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 11 Apr 2023 18:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSmXiXYiXunOargUfnIOCzvH4OuVZCFwT3xz0AKnxpEUVGiuCLH0T4tLrCcQ%2F0ZmQwyH4zPKMrzQUG8bYuIkXPvvniBhcuRACIUTr1sw2SnyERF7jWohCv8vvUidjPUi%2FTJsNT9Q"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8b453e754f575c1a-FRA alt-svc h3=":443"; ma=86400 expires Fri, 23 Aug 2024 23:35:59 GMT
GET H3	200	user.css fakebill.dungkon.me/assets/	22 KB 5 KB	606ms 604ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fakebill.dungkon.me/assets/user.css Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1acc871b8a4a055c4e55d36bc32d0db67d054149679f83903e626f189aec0e7 Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 11 Apr 2023 17:50:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GOUgo0VpzzhfUZp9WufPcol6eMnl2XjE4IlhGsGh6fDb8VDwJtIj5RhGvWXNUpgwSsP5kXAGM25Ag2Hfy3FK21V0lz16%2BdJuaG%2B5weZN0em8OBQl2aUK1lNXBPWOa%2B6tJvI3nSH8"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8b453e754f585c1a-FRA alt-svc h3=":443"; ma=86400 expires Fri, 23 Aug 2024 23:35:59 GMT
GET H3	200	giaodien.css fakebill.dungkon.me/assets/	10 KB 3 KB	618ms 616ms	Stylesheet text/css	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fakebill.dungkon.me/assets/giaodien.css Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c3169de76e7d9ba5dc9ebed0c2dffd92e7f26739864bcbdeb7f1e3b309f763c Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 11 Apr 2023 16:38:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YEOimHWUzCactuBcHVfELF4yQ9CAj5y%2F5i6UEXIV9sCkaWzZQxk1Lpz8UfgnJpgdPZdXB%2Fk7oD2ZBLxYFE%2F51gOTha8t4A6X40IWdDB4V7Q13dDDc1Icxar%2Fbtz0Rwf36aU1bJM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8b453e754f595c1a-FRA alt-svc h3=":443"; ma=86400 expires Fri, 23 Aug 2024 23:35:59 GMT
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	57ms 30ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:35:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 100567 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qcv870t3oMLiJhxKJ5NOrSyBZ7QLPg7y2LuDonv81nOd5NC9tyxuoGqMsezSnGv8QpNBNHCOJe0igvbuGhVKCO0J59S%2B%2BcoxUcqqdfTS4J0B%2B9D3ITpDjFZ70Zi0WbG49smb04Vt"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b453e7569779f4e-FRA expires Wed, 06 Aug 2025 23:35:59 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 929 B	382ms 28ms	Stylesheet text/css	142.250.186.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Calistoga|Rowdies Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f10.1e100.net Software ESF / Resource Hash 0bfb91425ff02b511449e1e00e2d546d19dc2806de5727f958b53dc7b2648caf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 16 Aug 2024 23:35:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 16 Aug 2024 23:35:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 16 Aug 2024 23:35:59 GMT
GET H3	404	4604357344f0d1aaafe1e8cf214cb4fb.jpg fakebill.dungkon.me/data/	708 B 708 B	611ms 609ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://fakebill.dungkon.me/data/4604357344f0d1aaafe1e8cf214cb4fb.jpg Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 16 Aug 2024 23:36:00 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9t5NNzBkBJZThIOTe5zmYcCFi7G%2B8cn6%2Ff7U20rTRQYBQB9TP%2BNlOQTPOBTvAxrAB85ZnDt8wsI3qcc%2BGg9z59enDve1Ame0C4s1qeNyQ2Bhwnq4RoxvO7tFcILRC9Qvtg0ykC2"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 cf-ray 8b453e754f5b5c1a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	4lSyggf.jpg i.imgur.com/	106 KB 107 KB	223ms 132ms	Image image/jpeg	199.232.192.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/4lSyggf.jpg Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.192.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 72a7158fb67d88cd0dbfc1d75b463e8cc4dec3f6f97e7254371b6b114d37f5b0 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:35:59 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 243529 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, MISS content-length 108991 x-served-by cache-iad-kiad7000080-IAD, cache-mad2200102-MAD last-modified Sun, 02 Apr 2023 19:03:07 GMT server cat factory 1.0 x-timer S1723851360.663824,VS0,VE90 etag "53d383f29121f5c5de273467a1fc5f8c" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id byg3bu7axC1QgWpljM7TNwf8EbRAVFGP29HauUKUshJieHf-re2CoA== x-cache-hits 3, 0
GET		tich-xanh-icon.png andygroup.vn/wp-content/uploads/2020/02/	0 0
GET H2	200	-ejNZQxb3ZR.png static.xx.fbcdn.net/rsrc.php/v3/yI/r/	497 B 2 KB	396ms 28ms	Image image/png	157.240.253.1 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/-ejNZQxb3ZR.png Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra5.fbcdn.net Software / Resource Hash b9d4b9edefe1ef0b43f9fdfc10678432d6633db55c9748434e117d55bac511a8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:35:59 GMT x-content-type-options nosniff content-md5 RL6gaNfhh0CwnK65kPfFDQ== document-policy force-load-at-top x-fb-server-load 24 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 497 reporting-endpoints permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1317, tbw=2771, tp=-1, tpl=-1, uplat=3, ullat=-1 x-fb-debug Y5VhIVruiTPSglh37qhQ5V/h0jrVQKXp0bPYPG0Kx/PR/uzvQM8CnE7Ht/9PuXqT+/kjctBD+5FJFiiWquMLoA== last-modified Mon, 01 Jan 2001 08:00:00 GMT report-to {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png access-control-allow-origin * origin-agent-cluster ?1 cache-control public,max-age=31536000,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Thu, 14 Aug 2025 04:37:16 GMT
GET H2	200	a5ddc08ab76ae2370421c056f2a5a775.gif i.pinimg.com/originals/a5/dd/c0/	3 MB 3 MB	1125ms 402ms	Image image/gif	23.36.162.208 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/a5/dd/c0/a5ddc08ab76ae2370421c056f2a5a775.gif Requested by Host: fakebill.dungkon.me URL: https://fakebill.dungkon.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-208.deploy.static.akamaitechnologies.com Software / Resource Hash 75cc6edb43f35780d94f187885d7b0431996165dc30f7ed488e0074f2f2a88c4 Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-cdn akamai akamai-grn 0.cfd5ce17.1723851361.716c52b5 etag "492a2513db6cfd3beadd4d790da1c776" vary Origin content-type image/gif cache-control immutable, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=600 content-length 3340407 x-pinterest-cache-status-v2 Miss
GET		truonghoc.png faceslitevn.site/img/user/	0 0
GET		home-mobile.png faceslitevn.site/img/user/	0 0
GET		tinhtrang-mobile.png faceslitevn.site/img/user/	0 0
GET		ngaythamgia-mobile.png faceslitevn.site/img/user/	0 0
GET		follow-mobile.png faceslitevn.site/img/user/	0 0
GET		bxB08zNVzKB.png faceslitevn.site/img/	0 0
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	64ms 37ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:00 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 260332 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHVU7pz4PjCPvUGlasmShEWwg%2B9l%2BUSThBzXvjIXjjS%2FOhEA6PlUA8qXi2Bqo4hSPEROtER9LAaruBcI4bMPX5MDA49SXc1%2FxLvR7Ua%2FM%2B%2BsQCaad4jExw6OxoUoWfW0npbAnsNh"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b453e7daff39956-FRA expires Wed, 06 Aug 2025 23:36:00 GMT
GET H2	200	6NUU8F2OJg6MeR7l4e0fs8wB.woff2 fonts.gstatic.com/s/calistoga/v16/	40 KB 41 KB	1708ms 551ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/calistoga/v16/6NUU8F2OJg6MeR7l4e0fs8wB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Calistoga|Rowdies Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 9174f7c64add6f319d7b833aa0fc41e34b0e9fdec94ed9053220886f0d401566 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:51:34 GMT x-content-type-options nosniff age 290668 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41424 x-xss-protection 0 last-modified Tue, 04 Jun 2024 15:39:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:51:34 GMT
GET H2	200	ptRJTieMYPNBAK21_rBDwQ.woff2 fonts.gstatic.com/s/rowdies/v17/	17 KB 17 KB	1710ms 553ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rowdies/v17/ptRJTieMYPNBAK21_rBDwQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Calistoga|Rowdies Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash de7fb3f15ad90ac01c0659dd4e37336f6791e6c70e37c4da837500d607c96a58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:03:30 GMT x-content-type-options nosniff age 293552 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17704 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:22:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:03:30 GMT
GET H2	200	6NUU8F2OJg6MeR7l4e0fvcwB8dQ.woff2 fonts.gstatic.com/s/calistoga/v16/	37 KB 37 KB	1240ms 83ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/calistoga/v16/6NUU8F2OJg6MeR7l4e0fvcwB8dQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Calistoga|Rowdies Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 366b0930cbd01793f187f2fd870bf64835cf10e73b9ee2286b7e9465d68b8b93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:34:23 GMT x-content-type-options nosniff age 291699 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37812 x-xss-protection 0 last-modified Tue, 04 Jun 2024 15:39:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:34:23 GMT
GET H2	200	6NUU8F2OJg6MeR7l4e0fvMwB8dQ.woff2 fonts.gstatic.com/s/calistoga/v16/	10 KB 10 KB	1823ms 666ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/calistoga/v16/6NUU8F2OJg6MeR7l4e0fvMwB8dQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Calistoga|Rowdies Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash e4990cdfa4d48e285b4111ef6beb10b075bee2646db9f335591a6db48f6022e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:36:02 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10136 x-xss-protection 0 last-modified Tue, 04 Jun 2024 15:39:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 16 Aug 2025 23:36:02 GMT
GET H2	200	ptRJTieMYPNBAK21_r5DwdbZ.woff2 fonts.gstatic.com/s/rowdies/v17/	15 KB 15 KB	1727ms 570ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rowdies/v17/ptRJTieMYPNBAK21_r5DwdbZ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Calistoga|Rowdies Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash abc69cd977b84b976328d8a124484cfe4035e6421eb93ed77b851546682349d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:16:14 GMT x-content-type-options nosniff age 292788 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15320 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:22:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:16:14 GMT
GET H2	200	ptRJTieMYPNBAK21_r9DwdbZ.woff2 fonts.gstatic.com/s/rowdies/v17/	7 KB 7 KB	1444ms 288ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rowdies/v17/ptRJTieMYPNBAK21_r9DwdbZ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Calistoga|Rowdies Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 1bf1433b25ccde32542a3ea9736320c117c1c2aa6bff97edffdd78ec54527f6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fakebill.dungkon.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 14:45:08 GMT x-content-type-options nosniff age 291054 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7116 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:22:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 14:45:08 GMT
GET H2	200	4lSyggf.jpg i.imgur.com/	106 KB 0	0ms 0ms	Other image/jpeg	199.232.192.193 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i.imgur.com/4lSyggf.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.192.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 72a7158fb67d88cd0dbfc1d75b463e8cc4dec3f6f97e7254371b6b114d37f5b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fakebill.dungkon.me/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 16 Aug 2024 23:35:59 GMT x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 243529 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, MISS content-length 108991 x-served-by cache-iad-kiad7000080-IAD, cache-mad2200102-MAD last-modified Sun, 02 Apr 2023 19:03:07 GMT server cat factory 1.0 x-timer S1723851360.663824,VS0,VE90 etag "53d383f29121f5c5de273467a1fc5f8c" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id byg3bu7axC1QgWpljM7TNwf8EbRAVFGP29HauUKUshJieHf-re2CoA== x-cache-hits 3, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

andygroup.vn

URL

https://andygroup.vn/wp-content/uploads/2020/02/tich-xanh-icon.png

Domain

faceslitevn.site

URL

https://faceslitevn.site/img/user/truonghoc.png

Domain

faceslitevn.site

URL

https://faceslitevn.site/img/user/home-mobile.png

Domain

faceslitevn.site

URL

https://faceslitevn.site/img/user/tinhtrang-mobile.png

Domain

faceslitevn.site

URL

https://faceslitevn.site/img/user/ngaythamgia-mobile.png

Domain

faceslitevn.site

URL

https://faceslitevn.site/img/user/follow-mobile.png

Domain

faceslitevn.site

URL

https://faceslitevn.site/img/bxB08zNVzKB.png

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| star function| show_date_time object| BirthDay object| today number| timeold number| sectimeold number| secondsold number| msPerDay number| e_daysold number| daysold number| e_hrsold number| hrsold number| e_minsold number| minsold number| seconds

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://andygroup.vn/wp-content/uploads/2020/02/tich-xanh-icon.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://fakebill.dungkon.me/data/4604357344f0d1aaafe1e8cf214cb4fb.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andygroup.vn
cdnjs.cloudflare.com
faceslitevn.site
fakebill.dungkon.me
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
i.pinimg.com
static.xx.fbcdn.net
andygroup.vn
faceslitevn.site
104.17.24.14
142.250.186.106
142.250.186.35
157.240.253.1
188.114.97.3
199.232.192.193
23.36.162.208
0bfb91425ff02b511449e1e00e2d546d19dc2806de5727f958b53dc7b2648caf
10d6787a22572965ed7c3296ba0d6bbe2580bfc0af57dc7333a14342a4008ccc
1bf1433b25ccde32542a3ea9736320c117c1c2aa6bff97edffdd78ec54527f6e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
366b0930cbd01793f187f2fd870bf64835cf10e73b9ee2286b7e9465d68b8b93
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
46c89ed1ac57bcfab95fa2165086dfdff15e53c87823dbdaa7d5c049a56882ea
72a7158fb67d88cd0dbfc1d75b463e8cc4dec3f6f97e7254371b6b114d37f5b0
75cc6edb43f35780d94f187885d7b0431996165dc30f7ed488e0074f2f2a88c4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8c3169de76e7d9ba5dc9ebed0c2dffd92e7f26739864bcbdeb7f1e3b309f763c
9174f7c64add6f319d7b833aa0fc41e34b0e9fdec94ed9053220886f0d401566
97b4940f5007a5fb1e3883a2a71b11573a989a5b2b490c4266cd739b8c253ed3
abc69cd977b84b976328d8a124484cfe4035e6421eb93ed77b851546682349d3
b1acc871b8a4a055c4e55d36bc32d0db67d054149679f83903e626f189aec0e7
b9d4b9edefe1ef0b43f9fdfc10678432d6633db55c9748434e117d55bac511a8
de7fb3f15ad90ac01c0659dd4e37336f6791e6c70e37c4da837500d607c96a58
e4990cdfa4d48e285b4111ef6beb10b075bee2646db9f335591a6db48f6022e1
e70d616b0355c1c19f3d703e43aeb4fd1a224df7156cfcb59fa0960bf1b7ccf4