nro2.me Open in urlscan Pro
14.225.203.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nro2.me/
Effective URL:
https://nro2.me/trang-chu
Submission: On December 06 via api (December 6th 2024, 7:49:26 pm UTC) from US — Scanned from DK

Summary HTTP 27 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 14.225.203.27, located in Hanoi, Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is nro2.me.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 6th 2024. Valid for: 3 months.

This is the only time nro2.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	14.225.203.27 14.225.203.27	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:875d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	4

19 14.225.203.27 (Hanoi, Viet Nam) 1 redirects

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

nro2.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ngocrongonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:875d (United States)

ASN13335 (CLOUDFLARENET, US)

pay.teamobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	nro2.me 1 redirects nro2.me	2 MB
7	ngocrongonline.com ngocrongonline.com	214 KB
1	teamobi.com pay.teamobi.com	720 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	30 KB
27	4

	Domain	Requested by
19	nro2.me	1 redirects nro2.me
7	ngocrongonline.com	nro2.me
1	pay.teamobi.com	nro2.me
1	ajax.googleapis.com	nro2.me
27	4

This site contains links to these domains. Also see Links.

Domain
forum.nro2.me
dlworld.teamobi.com
dl.teamobi.com
ngocrongonline.com
play.google.com
testflight.apple.com
pay.teamobi.com

Subject Issuer	Validity	Valid
nro2.me ZeroSSL RSA Domain Secure Site CA	`2024-12-06` - `2025-03-06`	3 months	crt.sh
ngocrongonline.com WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
teamobi.com WE1	`2024-11-17` - `2025-02-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nro2.me/trang-chu
Frame ID: 0A86C3DB794E42C81390BEA110659613
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trang Chủ - Chú Bé Rồng Onlines - Ngọc Rồng Online

Page URL History Show full URLs

https://nro2.me/ HTTP 301
https://nro2.me/trang-chu Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1928 kB
Transfer

2004 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://forum.nro2.me/app/index.php?for=forum&do=setting&uid=3&p=0&sz=15
Title: Diễn Đàn

Search URL Search Domain Scan URL

URL: http://dlworld.teamobi.com/?type=1

Search URL Search Domain Scan URL

URL: http://dl.teamobi.com/drive/get/Zz

Search URL Search Domain Scan URL

URL: https://ngocrongonline.com/?c=huong-dan
Title: Hướng dẫn cài

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.bluedragonss.boysss

Search URL Search Domain Scan URL

URL: http://dl.teamobi.com/drive/get/Zx

Search URL Search Domain Scan URL

URL: https://testflight.apple.com/join/0U4Dz7ne

Search URL Search Domain Scan URL

URL: https://pay.teamobi.com/?game=nr&name=

Search URL Search Domain Scan URL

URL: https://forum.nro2.me/app/index.php?for=event&do=sms&p=0&sz=15
Title: Báo Lỗi SMS

Search URL Search Domain Scan URL

URL: https://forum.nro2.me/app/index.php?for=event&do=report&p=0&sz=15
Title: Báo Lỗi thẻ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nro2.me/ HTTP 301
https://nro2.me/trang-chu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request trang-chu Show response
nro2.me/
Redirect Chain

https://nro2.me/
https://nro2.me/trang-chu

19 KB
6 KB

230ms
227ms

Document
text/html

14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

9e9298322a784c65a6ba22d7b2d7bacb19afd514872a49243bf7b61fa013d049

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Dec 2024 19:49:16 GMT
Server: nginx/1.19.1
Transfer-Encoding: chunked
Upgrade: h2
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 291
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 06 Dec 2024 19:49:15 GMT
Location: https://nro2.me/trang-chu
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK template.css
nro2.me/view/static/css/ 11 KB
12 KB 233ms
226ms Stylesheet
text/css 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/view/static/css/template.css?v=1733118377

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

815faff99a7ec2b3f6aadf8749aeebcde70cc498730f1253e076f5994dda4a5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "2dc1-628431b49b880"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11713
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Mon, 02 Dec 2024 05:49:06 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK eff.css
nro2.me/view/static/css/ 879 B
1 KB 460ms
226ms Stylesheet
text/css 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/view/static/css/eff.css?v=1733118377

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

fbbc20e5a22fbcd46abecb44fb36caf73f56014a6bef9401eb72da57c6529874

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "36f-628431b49b880"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 879
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/css
Last-Modified: Mon, 02 Dec 2024 05:49:06 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon-32x32.png
nro2.me/images/ 5 KB
6 KB 698ms
237ms Image
image/png 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/favicon-32x32.png

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

8af8af1a668d810e239398e856d847bb82774908280795173706be10d89df51e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "1536-628430e885700"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5430
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 12.png
nro2.me/images/ 2 KB
2 KB 697ms
234ms Image
image/png 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/12.png

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

044d647e2ceb401dc7c7ad3e4747974b5e2f76a1a5f1fb0a70696989666fd2ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "739-628431b49b880"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1849
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Last-Modified: Mon, 02 Dec 2024 05:49:06 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK logo_halo_2024.png
nro2.me/images/ 5 KB
6 KB 690ms
252ms Image
image/png 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/logo_halo_2024.png

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

6ecdf9cc1af160837d3ee618f78a27a8a9d027142ea31f4906dc40bc701fc649

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "15b1-628430e885700"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5553
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H3 200 banner_halo_2024.png
ngocrongonline.com/images/ 189 KB
190 KB 610ms
523ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/banner_halo_2024.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b99c2e849c7e1dc5b107932ffe42e7508a29cd5cc5b37b14550002d4c52fd54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: REVALIDATED
etag: "cc74f7eeac29db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9dVqfKEqUQarbBbKyKakidYsTe%2Fw3OwibDqUezb0BZMO7BKx3ArsTBzROIVYdVkvrD7boW5oDdgz68hc0O9SN9ICveKOK7Z%2FASBvOTLN47GbfNaOzcvtCtbA%2BzB27MDi6Yiw83Ric9DqjyJ85i9oyw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39123&min_rtt=33090&rtt_var=14960&sent=24&recv=16&lost=0&retrans=0&sent_bytes=15401&recv_bytes=6414&delivery_rate=482&cwnd=12000&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=535&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 19:49:16 GMT
content-type: image/png
last-modified: Tue, 29 Oct 2024 02:47:45 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc599c9510eb-CPH
accept-ranges: bytes
content-length: 193724
server: cloudflare

GET
H3 200 jar.png
ngocrongonline.com/images/ 2 KB
3 KB 608ms
522ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/jar.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcbe76c9c4d0fabcc97c4fa107f441fd5fd12add72fae38d5e56174292a671a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: MISS
etag: "09e7f2474fcf1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZUNqdUHDBX1ydkHvakqtCtLrmRWKJVx%2FbG8erEdOeX5Ue2WZFWkcfz07ZHWrh1%2BV5r7w4Jy%2B9nMiRbHfPVXUzsLzmFH3ikaZ5qh13vjMGTZqSe8QHOXFi%2BOWAqcsmm4x%2BZFqhr6kAmVZjMlpJml1bY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39123&min_rtt=33090&rtt_var=14960&sent=21&recv=16&lost=0&retrans=0&sent_bytes=12102&recv_bytes=6414&delivery_rate=482&cwnd=12000&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=529&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 19:49:16 GMT
content-type: image/png
last-modified: Sun, 12 Jan 2014 08:56:12 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc599c9310eb-CPH
accept-ranges: bytes
content-length: 2538
server: cloudflare

GET
H3 200 android.png
ngocrongonline.com/images/ 3 KB
4 KB 589ms
503ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/android.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bbc31372e7c4ff78a24159affc40157414cef4294e4c158e1533a3848994fec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: REVALIDATED
etag: "09e7f2474fcf1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lzARCOl0sl%2F5xwSEp0DWJW4b4bSEskHTFqxDcLiV4YFft3iUY6C5aPNSJxN3vWA%2FLgjWfve4scqDIVblHMCu4Q7iVjybnAxCgawWDJEdmIwARfmmHEcfvpqR6qcPqpyU4a77MNVozE7qRhv0ig9Hks%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39123&min_rtt=33090&rtt_var=14960&sent=13&recv=16&lost=0&retrans=0&sent_bytes=4183&recv_bytes=6414&delivery_rate=482&cwnd=12000&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=511&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 19:49:16 GMT
content-type: image/png
last-modified: Sun, 12 Jan 2014 08:56:12 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc599c9110eb-CPH
accept-ranges: bytes
content-length: 3249
server: cloudflare

GET
H3 200 play.png
ngocrongonline.com/images/ 3 KB
4 KB 726ms
641ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/play.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fff440c732575dd7618f5351b3120a4371d7527abcc8e4c776008d6b774f910

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: REVALIDATED
etag: "02b56f211ecf1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2bAHjEInmgRseXR76iVhXNwDTAGrq9eOdooQ3G3loBIKjqeS6pVlAuM0x%2BR1BsZf%2B8AbOU67RMCe%2F6lQd4lbWVZTy68aKbKFeiV5CC2IN7HkcSgouRqRd1YH29nOkBiG1%2FB2Bvag9qGSld9A5LG8tY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34799&min_rtt=30537&rtt_var=5812&sent=134&recv=46&lost=0&retrans=0&sent_bytes=139002&recv_bytes=7711&delivery_rate=851617&cwnd=70200&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=623&x=1", cfExtPri, cfHdrFlush;dur=8
date: Fri, 06 Dec 2024 19:49:16 GMT
content-type: image/png
last-modified: Fri, 10 Jan 2014 14:40:46 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc599c8f10eb-CPH
accept-ranges: bytes
content-length: 3505
server: cloudflare

GET
H3 200 pc.png
ngocrongonline.com/images/ 3 KB
4 KB 601ms
517ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/pc.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5e48e865ce2ff1a301a091b6fb32214101dc927d7de3fa81aba2ddf5b8b203

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: REVALIDATED
etag: "0d4a3b3c6f1ce1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKdSyM4IjQBraUGpBLaXZ7cg7ZpwrZsZSfrVmp3NApqjbMS4KYDFwp9IohQhlCZVMgfSeZertlHx75nqqGu4eGiaru3BCw0%2BRk6Jl45MhTxPkdqvFLUEyQNN0P%2F%2FgrT2%2B%2BrqWdU2zQmCKqfrDtzdlO8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39123&min_rtt=33090&rtt_var=14960&sent=17&recv=16&lost=0&retrans=0&sent_bytes=8253&recv_bytes=6414&delivery_rate=482&cwnd=12000&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=526&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 19:49:16 GMT
content-type: image/png
last-modified: Thu, 05 Dec 2013 14:31:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc599c8e10eb-CPH
accept-ranges: bytes
content-length: 3058
server: cloudflare

GET
H3 200 ip.png
ngocrongonline.com/images/ 4 KB
4 KB 725ms
641ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/ip.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246620d08bbf1598a1bb8423fbecbd33cb1da228505819c8430c317e10a9f9ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: MISS
etag: "2dc61be7f0dda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9g6HwNcS3llqLOFmI0xgVmD3dh6lTWi2wtQtAeHKaeWnXi6mmhSy1UVSkfOXCuamfe0blRMrPFXblE%2BYpkxkbMuuQB1dv05D8gS%2B0pYJ5ze0%2BMy2f6VzIEl3598rIn%2Buj%2BdGhtiKn3vW7jK%2FPxUxvc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39468&min_rtt=31265&rtt_var=10572&sent=59&recv=25&lost=0&retrans=0&sent_bytes=53683&recv_bytes=6801&delivery_rate=103788&cwnd=30300&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=586&x=1", cfExtPri, cfHdrFlush;dur=3
date: Fri, 06 Dec 2024 19:49:16 GMT
content-type: image/png
last-modified: Fri, 03 Nov 2023 00:58:48 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc599c8d10eb-CPH
accept-ranges: bytes
content-length: 3812
server: cloudflare

GET
H3 200 napngoc.png
ngocrongonline.com/images/ 4 KB
5 KB 557ms
556ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngocrongonline.com/images/napngoc.png
Requested by: Host: nro2.me
URL: https://nro2.me/trang-chu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197d092aefc0d35ede47b4f697707edcaecfcb64ac35abeaebaa69ab97a68dcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

cf-cache-status: MISS
etag: "b0eb2a02d46d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0wlDZQvij1kKdfZu7TX4QoSIz%2FH1aLZj5BSXPixYaAFQQs4RF9RhIhFOr4b1EHp5lj3g8dT7c2yJxV5M3Jbyni%2Bz7UNFP42bttI34JtJVPnyWEUV3Qejs3qeSz9lxI4Wt6cEkvIMVm%2FMsto1VTnKQU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32643&min_rtt=30537&rtt_var=2054&sent=206&recv=73&lost=0&retrans=0&sent_bytes=223326&recv_bytes=8925&delivery_rate=2894669&cwnd=119700&unsent_bytes=0&cid=f3ea3ee2df2e0ab4&ts=902&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 19:49:17 GMT
content-type: image/png
last-modified: Thu, 06 Sep 2018 22:00:19 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc5bcda910eb-CPH
accept-ranges: bytes
content-length: 4284
server: cloudflare

GET
H/1.1 200
OK gif_maphongba.gif
nro2.me/images/gif/ 259 KB
260 KB 1178ms
482ms Image
image/gif 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/gif/gif_maphongba.gif

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

8f73be2997311145d9d44bc785913d68d05ac40fe5cc5a6f6063d4d016f93e61

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "40cd6-627b9ca5eabf3"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 265430
Date: Fri, 06 Dec 2024 19:49:17 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Last-Modified: Mon, 25 Nov 2024 09:59:37 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK gif_gif_Saiyain.gif
nro2.me/images/gif/ 266 KB
267 KB 557ms
504ms Image
image/gif 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/gif/gif_gif_Saiyain.gif

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

30e8ea03a2e43d922414a30f638db33ac16e3f59611590f8c948c1d08de557ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "42917-627b9ca5ea045"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272663
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Last-Modified: Mon, 25 Nov 2024 09:59:37 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK gif_supber_kame.gif
nro2.me/images/gif/ 275 KB
276 KB 510ms
287ms Image
image/gif 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/gif/gif_supber_kame.gif

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

ddbdf1219ea0efb58f1a86b72ea62e687fd76624dc34aac4c0e3f32d4f11aa14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "44d2d-627b9ca5ebb85"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 281901
Date: Fri, 06 Dec 2024 19:49:17 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Last-Modified: Mon, 25 Nov 2024 09:59:37 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK gif_maphongba_VIP.gif
nro2.me/images/gif/ 278 KB
278 KB 686ms
466ms Image
image/gif 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/gif/gif_maphongba_VIP.gif

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

dc9d1ea13240c5f9c4f46a79fb8fdb9dd5d74d74e43ba0e276f1d9694359ffeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "45703-627b9ca5eb3bc"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 284419
Date: Fri, 06 Dec 2024 19:49:17 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Last-Modified: Mon, 25 Nov 2024 09:59:37 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK gif_gif_Saiyain_VIP.gif
nro2.me/images/gif/ 268 KB
268 KB 654ms
571ms Image
image/gif 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/gif/gif_gif_Saiyain_VIP.gif

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

70eaec511392e41dc565e19f8750d3b485aa453bd87e432ae2438984ab9fbfb3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "42e12-627b9ca5ea42a"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 273938
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Last-Modified: Mon, 25 Nov 2024 09:59:37 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK gif_supber_kame_VIP.gif
nro2.me/images/gif/ 277 KB
277 KB 533ms
487ms Image
image/gif 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nro2.me/images/gif/gif_supber_kame_VIP.gif

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

7495bd4c0c264b36a835e73140004ef6524ee6abf189c32848afd1e18f4c2595

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "45418-627b9ca5ec34e"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283672
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Last-Modified: Mon, 25 Nov 2024 09:59:37 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK rocket-loader.min.js Show response
nro2.me/view/static/js/ 12 KB
12 KB 1388ms
1388ms Script
text/javascript 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/view/static/js/rocket-loader.min.js

Requested by

Host: nro2.me
URL: https://nro2.me/trang-chu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "302c-628430e885700"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12332
Date: Fri, 06 Dec 2024 19:49:19 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK eff.js Show response
nro2.me/view/static/js/ 6 KB
6 KB 454ms
453ms Script
text/javascript 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/view/static/js/eff.js

Requested by

Host: nro2.me
URL: https://nro2.me/view/static/js/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

ebd26ac1bc17e67a9b5099642f53fb6cb4e996bff757b31cfb9462b00cada1ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "1702-627b9ca60c152"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5890
Date: Fri, 06 Dec 2024 19:49:20 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Last-Modified: Mon, 25 Nov 2024 09:59:38 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 189ms
52ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: nro2.me
URL: https://nro2.me/view/static/js/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/

Response headers

content-encoding: gzip
age: 117293
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 11:14:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 11:14:27 GMT
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30462
x-xss-protection: 0
server: sffe

GET
H3 200 hoamai.js Show response
pay.teamobi.com/ 0
720 B 641ms
573ms Script
application/javascript 2606:4700:3033::ac43:875d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.teamobi.com/hoamai.js
Requested by: Host: nro2.me
URL: https://nro2.me/view/static/js/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:875d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nro2.me
Referer: https://nro2.me/

Response headers

cf-cache-status: MISS
etag: "202fcacf3cb9d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqVQT6F4etlzebncYncva2%2BSIacReMFGDyRLQLQ0W%2BfjN7MXT%2BiKZW0s4%2FHttNUZRjRAgS2QSW3dAaaQ3jrRO9pW4e8IGZ0Nt%2BA8Rhn%2B7SPdlupxZ%2FeQhQ79b3E%2FnKevnJ6cRlucupq1NZUAm5o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32603&min_rtt=31716&rtt_var=6364&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4168&recv_bytes=4335&delivery_rate=464&cwnd=12000&unsent_bytes=0&cid=c9f1c6697ce95ce8&ts=568&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 06 Dec 2024 19:49:21 GMT
content-type: application/javascript
last-modified: Thu, 31 Jan 2019 08:13:13 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8edecc732b3febca-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H/1.1 200
OK favicon-48x48.ico
nro2.me/images/ 6 KB
7 KB 248ms
248ms Other
image/x-icon 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/images/favicon-48x48.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

42ae3880d4173cbd4e728b24199b3954527b4391de1ae57d8785f60d3c617303

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

Upgrade: h2
ETag: "19b8-628430e885700"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6584
Date: Fri, 06 Dec 2024 19:49:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/x-icon
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon-48x48.ico
nro2.me/images/ 6 KB
0 0ms
0ms Other
image/x-icon 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/images/favicon-48x48.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

42ae3880d4173cbd4e728b24199b3954527b4391de1ae57d8785f60d3c617303

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

ETag: "19b8-628430e885700"
Accept-Ranges: bytes
Content-Length: 6584
Date: Fri, 06 Dec 2024 19:49:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/x-icon
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon-48x48.ico
nro2.me/images/ 6 KB
0 0ms
0ms Other
image/x-icon 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/images/favicon-48x48.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

42ae3880d4173cbd4e728b24199b3954527b4391de1ae57d8785f60d3c617303

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

ETag: "19b8-628430e885700"
Accept-Ranges: bytes
Content-Length: 6584
Date: Fri, 06 Dec 2024 19:49:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/x-icon
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon-32x32.png
nro2.me/images/ 5 KB
0 0ms
0ms Other
image/png 14.225.203.27
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://nro2.me/images/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.225.203.27 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

8af8af1a668d810e239398e856d847bb82774908280795173706be10d89df51e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nro2.me/trang-chu

Response headers

ETag: "1536-628430e885700"
Accept-Ranges: bytes
Content-Length: 5430
Date: Fri, 06 Dec 2024 19:49:16 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Last-Modified: Mon, 02 Dec 2024 05:45:32 GMT
Server: nginx/1.19.1
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ngocrongonline.com
nro2.me
pay.teamobi.com
14.225.203.27
2606:4700:3033::ac43:875d
2a00:1450:4001:806::200a
2a06:98c1:3121::3
044d647e2ceb401dc7c7ad3e4747974b5e2f76a1a5f1fb0a70696989666fd2ac
197d092aefc0d35ede47b4f697707edcaecfcb64ac35abeaebaa69ab97a68dcf
246620d08bbf1598a1bb8423fbecbd33cb1da228505819c8430c317e10a9f9ed
2b99c2e849c7e1dc5b107932ffe42e7508a29cd5cc5b37b14550002d4c52fd54
30e8ea03a2e43d922414a30f638db33ac16e3f59611590f8c948c1d08de557ee
42ae3880d4173cbd4e728b24199b3954527b4391de1ae57d8785f60d3c617303
6bbc31372e7c4ff78a24159affc40157414cef4294e4c158e1533a3848994fec
6ecdf9cc1af160837d3ee618f78a27a8a9d027142ea31f4906dc40bc701fc649
70eaec511392e41dc565e19f8750d3b485aa453bd87e432ae2438984ab9fbfb3
7495bd4c0c264b36a835e73140004ef6524ee6abf189c32848afd1e18f4c2595
815faff99a7ec2b3f6aadf8749aeebcde70cc498730f1253e076f5994dda4a5d
8af8af1a668d810e239398e856d847bb82774908280795173706be10d89df51e
8b5e48e865ce2ff1a301a091b6fb32214101dc927d7de3fa81aba2ddf5b8b203
8f73be2997311145d9d44bc785913d68d05ac40fe5cc5a6f6063d4d016f93e61
9e9298322a784c65a6ba22d7b2d7bacb19afd514872a49243bf7b61fa013d049
9fff440c732575dd7618f5351b3120a4371d7527abcc8e4c776008d6b774f910
bcbe76c9c4d0fabcc97c4fa107f441fd5fd12add72fae38d5e56174292a671a4
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dc9d1ea13240c5f9c4f46a79fb8fdb9dd5d74d74e43ba0e276f1d9694359ffeb
ddbdf1219ea0efb58f1a86b72ea62e687fd76624dc34aac4c0e3f32d4f11aa14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd26ac1bc17e67a9b5099642f53fb6cb4e996bff757b31cfb9462b00cada1ba
fbbc20e5a22fbcd46abecb44fb36caf73f56014a6bef9401eb72da57c6529874
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

nro2.me Open in urlscan Pro 14.225.203.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1928 kBTransfer

2004 kBSize

0 Cookies

10 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

nro2.me Open in urlscan Pro
14.225.203.27 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1928 kB
Transfer

2004 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions