nguyentandat.click Open in urlscan Pro
2606:4700:3035::6815:4af1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nguyentandat.click/
Submission: On November 25 via api (November 25th 2023, 9:51:26 pm UTC) from US — Scanned from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3035::6815:4af1, located in United States and belongs to CLOUDFLARENET, US. The main domain is nguyentandat.click.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.

This is the only time nguyentandat.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:303... 2606:4700:3035::6815:4af1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	153.92.13.218 153.92.13.218	47583 (AS-HOSTINGER) (AS-HOSTINGER)
6	2600:1408:10:... 2600:1408:10::1703:da8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.28.193 146.75.28.193	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	185.150.189.106 185.150.189.106	23470 (RELIABLESITE) (RELIABLESITE)
1	2606:4700:303... 2606:4700:3031::ac43:a5fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
53	11

28 2606:4700:3035::6815:4af1 (United States)

ASN13335 (CLOUDFLARENET, US)

nguyentandat.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

site-assets.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 153.92.13.218 (Jakarta, Indonesia)

ASN47583 (AS-HOSTINGER, CY)

cloudpack.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1408:10::1703:da8 (Sterling, United States)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.150.189.106 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a5fc (United States)

ASN13335 (CLOUDFLARENET, US)

i.upanh.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nguyentandat.click nguyentandat.click	1 MB
9	cloudpack.my.id cloudpack.my.id	166 KB
6	pubgmobile.com www.pubgmobile.com — Cisco Umbrella Rank: 45903	10 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	31 KB
2	fontawesome.com site-assets.fontawesome.com — Cisco Umbrella Rank: 57726	415 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	upanh.org i.upanh.org — Cisco Umbrella Rank: 598847	176 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18725	28 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	360 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	6 KB
53	11

	Domain	Requested by
28	nguyentandat.click	nguyentandat.click
9	cloudpack.my.id	nguyentandat.click
6	www.pubgmobile.com	nguyentandat.click
2	site-assets.fontawesome.com	nguyentandat.click site-assets.fontawesome.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	nguyentandat.click
1	i.upanh.org	nguyentandat.click
1	i.postimg.cc	nguyentandat.click
1	fonts.googleapis.com	nguyentandat.click
1	i.imgur.com	nguyentandat.click
1	stackpath.bootstrapcdn.com	nguyentandat.click
1	cdnjs.cloudflare.com	nguyentandat.click
53	12

This site contains no links.

Subject Issuer	Validity	Valid
nguyentandat.click GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
cloudpack.my.id R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
wetv.acc.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-30` - `2024-10-30`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
postimg.cc R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
upanh.org GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nguyentandat.click/
Frame ID: B213F75FD2169866021B6CFE947F8623
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sự Kiện PUBG Mobile VN 2023

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

2264 kB
Transfer

3497 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nguyentandat.click/ 163 KB
14 KB 317ms
116ms Document
text/html 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0637f8ce5c4d440871385f5529f6c49a9892c71bc2b333c0df4b3314f46565

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82bd1cb1ea294bc3-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 25 Nov 2023 21:51:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7dR%2FjnEUVN2buSDVagpJCovWdwAFKo8xomKDtfj%2F11kUeRwo%2Fjubl%2B0jYeIm5iA8OaekDdArTXeeZEyRh2fleP1sraiWDf6Crm%2Bicq%2BUm88T7aVZN8ZR%2BbxtrRhg0rkgcBm7gY6gGjGG%2FV%2FxngmUsM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 sewatt.css
nguyentandat.click/css/ 24 KB
6 KB 108ms
104ms Stylesheet
text/css 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/css/sewatt.css
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f891d9b9786df66d5a1813087a72f6adf801a364dc3ee48a4b9bb93480b7850b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:03:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD6iNLBAc%2BjH26iXgqtRIeKvWPV%2F%2BMk5jkNn7RGyQLfv6de6jlSJp6dzIG4YnKWJUo0e5NAQn2CBw1AmdLhFdqcrwrhM1kKUCBTo0S7WumCqmTcXZfU4Km42UQ%2BB4f4iZd9fFwtyIP9GQ4yQ65Ihd5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82bd1cb2ba384bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
nguyentandat.click/index_files/ 57 KB
58 KB 82ms
78ms Stylesheet
text/plain 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/index_files/css
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26b100f7b7fb0714982860b5a9c6839e8a36407c541481a8c295fee462df104

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 Nov 2023 21:06:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT9UPMV%2BL8orToPpcXjHsdp06bz7SczsxaT2pFSG%2BWMxI4ryi3tO4Q9z%2Fo3BWOchvkhyABN%2FfNBGFnTwLYvLxr7O6HsqwtBZJqPjPibJCDv1U9hQU%2BFU4xTn9InDLhYKvpIgySHeQd8GfRfW0N9vhh4%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82bd1cb2ba394bc3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 58822

GET
H2 200 sewattanim.css
nguyentandat.click/css/ 58 KB
5 KB 122ms
118ms Stylesheet
text/css 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/css/sewattanim.css?v=1.2
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a3583be32e54cd2cb44ad2e716dccc3f60249b255bd0b6a980e56bc6438cbbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 11:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QscGtrHWN7d4HJYV%2FylzCwiwQ%2FLnCxKLCHGZT%2Bn9qfjnD9NsyOsaklaeyNQqPX7oWDTjFcfrHpdCdPOoK2c%2BgrCMDPYkF7NalOmeWivAOMeyvOnN1y6K91HCpNubIikCPTPsegNTrASnq1QZfcIJL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82bd1cb2ba3a4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 sewattszone.css
nguyentandat.click/css/ 25 KB
6 KB 104ms
100ms Stylesheet
text/css 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/css/sewattszone.css?v=1.2
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ab5b8897dbff7692b6bcde1ff820012016f1d97d5725febcfa72f864d5b7d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 11:09:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXgXAeHz%2Fu%2Fd0fLB%2B%2Ff%2BwLoa6SEciLxQuvsXY1yryLiotgcJqk%2FvvdPmieNFCKkdUra1lxlth0ackRNk6fljOBQP8zsqGcOwHHlwyRur3UtmQz45L5I9qXfD%2BJ3cL3CE%2F1Su3cWXnCArx8DPS1rq5o4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82bd1cb2ba3b4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 sewattzzone.css
nguyentandat.click/css/ 3 KB
1 KB 87ms
84ms Stylesheet
text/css 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/css/sewattzzone.css?v=1.2
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff2c51d9854e118281a80989a2eac90a6900b5d99264a36d130224345d9692ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 11:08:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvtoVdxvBCElU7hxCArpM1CfWAMsjIJaCsxe%2FXqUKTUGZxipT6BgeuGBGhd0iEODnJQY%2FINS65GlXpmTkXRI%2FlpZs%2FhIv4MNES43tvyn05%2FVpv4VYhobwV3pp1n9YARLxZ7wQkxpkB3zuM%2F1taYxOnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82bd1cb2ba3c4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 sewattfb.css
nguyentandat.click/css/ 4 KB
1 KB 86ms
83ms Stylesheet
text/css 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/css/sewattfb.css?v=1.2
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9be972440ab34d9ad1b8d8e1a741edd4ec4d1a8b2962a092ba55d4002160ae5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 03:37:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT1eC0BKKX%2FXmcaWiPD7faT1kV7vdPtAYBomiH1%2FRWZ4nTeP7iswKxURNdsxZu0rfHuwiS6I5KReJpANnSj4%2BdbZCnGCN%2BiBlEFOsydXxxjGpZyyD4W0PsjX2heWDzzbPCxQ2ecYj%2FJWEEeFrcbnWr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82bd1cb2ba3d4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 sewatttw.css
nguyentandat.click/css/ 6 KB
3 KB 87ms
85ms Stylesheet
text/css 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/css/sewatttw.css
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c87ae7549db7c3d1bf7bbe967d76c77a02c6e103f7df78dff62ea3ddf86a86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:03:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD8gUQeK4PMeFVaZOYEw3n7RNDGzuvL3zbzlwK1cNRwKD357ZTwACEtJNahY6hTtDR%2F%2Fjz42EPucfXfWTQAXz6MP4iT17vBQIrtQ5W0surtHti%2F8L2Xd0rscOmRON4BWS7bXMFlRLJ3RzJz6uBSCl2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82bd1cb2ba3e4bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 108ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://nguyentandat.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 305936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zapqiu2gSCYAMTKY1iUbNTlMzkLtafMQ0gOfk%2BEocWnsm2GUSxzyMyLUOz1w64BK5RA1F8Xzu%2F7gJx8GQLJmSu1QXnmrnMjAooKvYb1hmq1YuhLCRs85mWo8DJSXqbRYwxQnfdeQTdbeT3V2PL9GNG3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82bd1cb329184bd5-BUF
expires: Thu, 14 Nov 2024 21:51:16 GMT

GET
H2 200 all.css
site-assets.fontawesome.com/releases/v6.4.2/css/ 500 KB
94 KB 239ms
147ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.4.2/css/all.css
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5044ae8cd744eb4bb6a0741f4ce3b8b41145e460aea7205fb198005d10a0bde

Request headers

Referer: https://nguyentandat.click/
Origin: https://nguyentandat.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:17:11 GMT
server: cloudflare
x-amz-request-id: 4VQETMKYR5H9CVYP
etag: W/"bf2a5dfaa82bf7a17ae051d0fc06aa60"
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cf-ray: 82bd1cb3491b4bd5-BUF
x-amz-id-2: Ou1/Ehh6EA4UyK7acT6tnFA5TogvtaLodbGWXVsbAu1+/OIKhx6MR+FyDzVqb6G1RFTufItkIKU=

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 199ms
127ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nguyentandat.click/
Origin: https://nguyentandat.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 69b79e1118d470f85f108c27e0c81013
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 82bd1cb32a066aee-BUF
cdn-requestpullsuccess: True

GET
H2 200 nav_logo.svg
cloudpack.my.id/ 388 KB
121 KB 1378ms
545ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/nav_logo.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a39377de382867127c6ee3f232b65fbd2ae7f6a5d4e0c1893eca1e7eacc86d29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 04 Jul 2023 14:40:37 GMT
server: LiteSpeed
etag: "61052-64a42f65-daaa0a7c4686f4fa;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 123993
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 nav_shop.svg
www.pubgmobile.com/en/images/ 993 B
666 B 486ms
66ms Image
image/svg+xml 2600:1408:10::1703:da8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_shop.svg
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:10::1703:da8 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-3e1"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 526

GET
H2 200 nav_language.svg
www.pubgmobile.com/en/images/ 1 KB
816 B 193ms
71ms Image
image/svg+xml 2600:1408:10::1703:da8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_language.svg
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:10::1703:da8 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-45b"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 675

GET
H2 200 nav_menu.svg
www.pubgmobile.com/en/images/ 884 B
567 B 176ms
54ms Image
image/svg+xml 2600:1408:10::1703:da8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_menu.svg
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:10::1703:da8 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-374"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 426

GET
H2 200 nav_download.svg
www.pubgmobile.com/en/images/ 1007 B
625 B 207ms
85ms Image
image/svg+xml 2600:1408:10::1703:da8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_download.svg
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:10::1703:da8 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
server: nginx
etag: "62387c81-3ef"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 485

GET
H2 200 fyfG0WP.jpg
i.imgur.com/ 359 KB
360 KB 124ms
38ms Image
image/jpeg 146.75.28.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fyfG0WP.jpg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

336e40a10e496b45207de0c1dccd3cd6deb59f7be6a41c3c90b0435252015645

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 124440
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 367633
x-served-by: cache-iad-kiad7000047-IAD
last-modified: Fri, 24 Nov 2023 11:16:29 GMT
server: cat factory 1.0
x-timer: S1700949077.306960,VS0,VE2
etag: "229cdea48242e2a409628607c4cd25ee"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6mGU7-2JUnO_f67E-UD6HfkPIbeyvQ0JezRjYdNrigmNcQalpOnhiw==
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 114ms
44ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/css/sewatt.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21fa9748efb8c509c94597f75d1784b536bcc05c6df36b25523a51ec14a3c7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 21:51:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 21:51:17 GMT

GET
H3 200 namm4.png
nguyentandat.click/img/ 98 KB
98 KB 134ms
132ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/namm4.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96ab97d128c9ecfca830952804532c0143d7ab4a593f4cca4a845d071194cfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 14:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EemXPA1Tg0Fp0Tt7y7X4APjb9cULTF1uD4Oms1bFgrOobzxiGCOuT2FNOwvqQysLAc6CIez%2BvUvggu9I7Fax4Fkhn%2FJc08jpG2rs%2BfuBuNgWq9LdLVh%2BY0MCfdpH0T%2BwL%2FDcSPsBfCc957JImzfZZOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49dad4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 99902

GET
H3 200 1.png
nguyentandat.click/img/reward/ 65 KB
66 KB 167ms
165ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/reward/1.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73874ad161de307901ae1d1a2cb9752e15c40aca6b3a42445260483f2a129a1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:08:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVKQehGy9bfDVrz1K78cG3UdFAVSwk05RDYm5ZZb%2BansZ0%2FSbQ9rFIjyNbIDkOYRwTZsRE8R3gELVX72OJjcxOHPZJ3hshuUqppRN0wyS1hfD1ffovyfqFZ4lL%2BLgyf3Qe2ZkQD7unCHJEa3r1K%2Bm9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49dae4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 66731

GET
H3 200 2.png
nguyentandat.click/img/reward/ 44 KB
44 KB 198ms
196ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/reward/2.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 316144b6218b14040f972135692493116c6c64192037ddb9e8b348aa70509888

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:08:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxYKWrknzAwuAVF%2FZiz7aUCF5yYttHCX0CD9OmTUtFJkn6JHvZnNbym9Nd3Lceakud66fzewlz8wFUst6wp2%2BSkOjyV%2F500ZerbXz2g7bdbdKLNsYHTFNDzOy3qdZQA2W6QjAzRU1aquPMNsbO6gw5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49daf4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 45051

GET
H3 200 3.png
nguyentandat.click/img/reward/ 50 KB
50 KB 199ms
197ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/reward/3.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7a39265bdb57a300fe79d651022e6e76197406b1eac2acd11ca2845e91b809

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:08:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pob%2Fj02Os%2BZnvBclVtNis9UsPYkCRy3JnA6bKiRlYW12WcQO3rhmBqVzQnOPqi2pvRV7rJUSnydiSBMPacHCzd7PTLyF6FM8I4%2FGXBsnYj6Qy5%2BRtSjy6wMec6QEpqyOzhYdCgWaQnHJw3nDSdtQ4js%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49db04bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 50826

GET
H3 200 spin-laz.png
nguyentandat.click/img/ 89 KB
90 KB 201ms
200ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/spin-laz.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6d92ec75230f202421c8d24c28cd8a2b9f93501dfa45ec091f3969761b677ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 14:15:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU2u8vTmUlH5k6DPI7fhAR4EPQFTZ12pUVc0WdUC1sn9sRml5MChnA25i9q77f2PNPS3Z7%2Fqr4LKzjZhkY4x9SfRtssN1JMssJtQduqTZIhT3tgD8Lxv8iLLIFmPI7JGEi60BPsKEYgrPpZOVP27NJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49db14bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 91191

GET
H3 200 4.png
nguyentandat.click/img/reward/ 48 KB
49 KB 229ms
227ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/reward/4.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d764351866d1a026dd6830673a5049da7a10ec1bbd1514651e473d49b112e7a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 15:33:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A40yCXEy7ajcLWNUAlvxolvuALyJ40fhkWt9OSGwbiqPKfRVdJjFAKNPN4uNZbabM9E11%2FC2cm4TJi7TJ6b2SZtXBTbtwv%2FPf9AwUAQddCRIaILkRi%2B46PVZROi3fmVUfolu1KaVfB3TM9RhvkMs5rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49db24bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 49220

GET
H3 200 5.png
nguyentandat.click/img/reward/ 38 KB
38 KB 101ms
100ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/reward/5.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59676bf6d6462b65d3c3d0a3580ed6de82fd7f958a21c6d25321c86c1440d830

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 15:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWZmRp7REZrNT4VB13WuOyUME119MEBXyNR%2FfAOZ6hsv5Hupp%2FxiTK68S%2B6jWppDaPL%2Bj18MWEoNbraheR1%2BtlrG53x7TJ6N3qF2Hr0ou%2B1pqDh85AAtIwM6zGGqfWRQz2SWMGRfSWUURiwoUzNRRco%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49db34bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 38585

GET
H3 200 6.png
nguyentandat.click/img/reward/ 66 KB
66 KB 231ms
229ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/reward/6.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1846bba0622f8bd814d86f39c905eedf3e07e1f66e519d8726a425494636a53f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 15:40:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0vyh8fM4Y5HxYCgMad7OBD%2BgiV%2FLcw6ROEI8c%2FCdAmmM37buXsbZEw3Is45RkZx16MZ1%2BJMCJiR9DchGkqNdvAVUK7aRKaC08blFqqSOZllgme4fq6Cs250JuW6FwNoLm471gkb04GaRGcA7cCDJzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49db44bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 67409

GET
H2 200 login-Method1.png
i.postimg.cc/3wBVgZTz/ 28 KB
28 KB 86ms
28ms Image
image/png 185.150.189.106
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/3wBVgZTz/login-Method1.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.189.106 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28789
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon_2.jpg
nguyentandat.click/img/style-img/ 38 KB
38 KB 95ms
94ms Image
image/jpeg 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/style-img/icon_2.jpg?v=1.2
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5f8ee12c1932ff2757a92051ac88f77875a7fe4c45e6399a1fc36394b3535e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 15:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S4qyXbJYuSoMzYZ3VF0OJmkSpIiL53I6ky1jd2WpR2ya8gsViYI8rPRIQPv28KrQOI9ies9ivSJXl2cchNkDf7qBWWjZpwhtAvfYYeh%2FQ44WLphcIjs5Fpo%2Fdkuv4dz%2FUtrlNMXJACXixRET2avWcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb49db54bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 38853

GET
H2 200 footer_link1.svg
cloudpack.my.id/footer/ 1 KB
743 B 1075ms
547ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/footer/footer_link1.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d52f55e222fda1abb3b43bcef5ac41d712006e3a376af7c6724e93313e21abe5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 28 Oct 2023 10:17:38 GMT
server: LiteSpeed
etag: "4aa-653cdfc2-7086d11d56e6f4d4;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 679
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 footer_link2.svg
cloudpack.my.id/footer/ 2 KB
1 KB 1073ms
545ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/footer/footer_link2.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

36095f4a013a176e6ea0561af75fc04c13a13e055f9dceeeaa5466c871ef0277

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 28 Oct 2023 10:17:38 GMT
server: LiteSpeed
etag: "756-653cdfc2-40f2bdb689e04321;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 974
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 footer_link3.svg
cloudpack.my.id/footer/ 2 KB
906 B 1073ms
546ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/footer/footer_link3.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

80eb8b71b66b3a745f3ee5e166e698cb672953aeb08b9eaf5b3dc94cdc4524b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 28 Oct 2023 10:17:38 GMT
server: LiteSpeed
etag: "656-653cdfc2-af2ed94d9659752c;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 842
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 footer_link4.svg
cloudpack.my.id/footer/ 2 KB
1 KB 1049ms
548ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/footer/footer_link4.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4c18a5671aa5ebfa9a0484f9b0f2f468e0d131445e9986af3110697f6f6dc457

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 28 Oct 2023 10:17:38 GMT
server: LiteSpeed
etag: "75a-653cdfc2-c76180c8f6a5cc63;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1065
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 footer_link5.svg
cloudpack.my.id/footer/ 2 KB
950 B 1050ms
548ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/footer/footer_link5.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

200b2e2544549340ab301d6cfd5c359b7c4b32a71b6fad2df69e7056aab0bb0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 28 Oct 2023 10:17:38 GMT
server: LiteSpeed
etag: "67a-653cdfc2-3e19ac93de2064e2;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 886
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 footer_link6.svg
cloudpack.my.id/footer/ 5 KB
3 KB 775ms
273ms Image
image/svg+xml 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudpack.my.id/footer/footer_link6.svg

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7fe3c61e522b904919f1bf52b69cad01ff805db64508ed3b13ab156f58b660eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 28 Oct 2023 10:17:38 GMT
server: LiteSpeed
etag: "12b0-653cdfc2-82c019621dbab7ba;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2881
expires: Sat, 02 Dec 2023 21:51:17 GMT

GET
H2 200 footer_logod63b2864a20432df.png
i.upanh.org/2023/11/23/ 175 KB
176 KB 557ms
474ms Image
image/png 2606:4700:3031::ac43:a5fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.upanh.org/2023/11/23/footer_logod63b2864a20432df.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a5fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54397569614adeb118a81e0c73743ce640605aa8dc1b64c6cb0dbbe1a4e46eee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 13:32:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2bda8-60ad1deee2dcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZAMbjgsqVUI8QvYWX%2BhyC8wBfu7NbN72%2FxAk%2Bb4HrsWbYFjN2J77pLWmBXeQu7WXmpwWVDupY4VBoUl7ULXY4xSWZyHq7gM5Y%2FVYgRmPJ2VhkJaUyalbuWXNH72zsp26mtvTA4sDT7%2ByA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82bd1cb54fc44bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 179624

GET
H2 200 logo.png
www.pubgmobile.com/act/a20180515iggamepc/ 6 KB
6 KB 154ms
65ms Image
image/avif 2600:1408:10::1703:da8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/act/a20180515iggamepc/logo.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:10::1703:da8 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
last-modified: Mon, 08 May 2023 08:25:46 GMT
server: Akamai Image Manager
etag: "5ff6baa2-3bf2"
content-type: image/avif
cache-control: private, no-transform, max-age=43200
content-length: 6055
expires: Sun, 26 Nov 2023 09:51:17 GMT

GET
H3 200 priv_laz.png
nguyentandat.click/img/ 14 KB
14 KB 228ms
228ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/priv_laz.png?v=1.4
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b715b775a82f6c034322d93b8a3637ca1e85f745d5227f653f4bd629ccc28f0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 13:25:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz7KA91Rngo6XecUzqCaISjHcfU15Np9TsRw2%2BEteaFsQ6JwO7gYqzoONkGmb1lxNVAPCCSYJ3BjVIyKijr2ck7x3p7qvgvTaSp4MWLbmVQbxQ4sC5q1rfz1TmErK5D26jbXC1pTj6kEkvuSgrNExpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb4adb64bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13859

GET
H3 200 email-decode.min.js Show response
nguyentandat.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 34ms
33ms Script
application/javascript 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nguyentandat.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epMfB1UtTl8J1Q5HQBRvG4%2FWLdCsYkN0dFwvChi4C%2FtgsZ4E1JzBfJBsZKu7BuYauWnHvL8Ub%2Bdq8cttnHtt0I1aqCxVXkzHx0EvgtFQWBAHFwVENNMsRBmFuGMSkZkEMgbliC%2F7b4Uw9YMqt3jEWo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82bd1cb4adb74bcf-BUF
expires: Mon, 27 Nov 2023 21:51:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nguyentandat.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 21 Nov 2023 03:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30462
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 03:54:38 GMT

GET
H3 200 jquery.min.js.download Show response
nguyentandat.click/index_files/ 85 KB
31 KB 63ms
62ms Script
application/javascript 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/index_files/jquery.min.js.download
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 22 Nov 2023 21:06:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuHoJ%2F2a34lrSkaOYb6tS6yPVJWEne6wfNK4Y0cohNTG1%2B7uwGfutXZKjR0GRfdgxIwmNkuCaaCHWUefWs7z3GnJQLFNGrUxru6BHQrQpewooq%2FRVCvxbUj998qhIck4hpnd%2FLwWoneG%2B4zSqF%2FW5n0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 82bd1cb4adb84bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 gift-zone.js Show response
nguyentandat.click/index_files/ 4 KB
2 KB 228ms
227ms Script
application/javascript 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/index_files/gift-zone.js
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84717ef8f221ed8a4a2c83d9e9bda78fac203316c75531bf8f9697d1d482e87b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:06:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4TA4%2B6Vtrla7Wb0MZl3O%2F%2FvPe5fRq3wLW6NveRCP%2BiqN4jn4XZo1LvuWTUjvPVEnBpsH51sWX6fT%2BREf6nb1AEmmM4KYEDSrpbsObS1NV%2BK6n4IzvTlczAYLT66kRvdKFugeZ%2Fg9ZHDU%2BpHAfsE8pQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82bd1cb4adb94bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 main-zone.js Show response
nguyentandat.click/js-zone/ 4 KB
2 KB 62ms
61ms Script
application/javascript 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/js-zone/main-zone.js
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6445c707cda47e8fa95a383d175b372b282b06b03eb6a2ead0018de460156ebf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:06:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTol689ZaTeToYjjIaY9%2B570mQlq8YPuMjhR4rjleacDL2MAqRPzCr9uQmLG0o47sBeL8gl6rEESsLFUp2cJg0Fy506RfbEG6abnOI8lQBrmQOl70YuGDW96W8axSxHKRXdzqyTzRoApj%2FFmaZ8LAok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82bd1cb4adba4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 sewatt.js Show response
nguyentandat.click/js-zone/ 12 KB
3 KB 228ms
227ms Script
application/javascript 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/js-zone/sewatt.js
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe6a7c60fdf117ebf01241d38413ce2aa2de55167c6fc3b3fb1f20cd3e54ab5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Nov 2023 15:13:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rCqjYEb16%2BloJX0NMxCUceayo2WBBQYjE7kap0JclzUiUyXkCM2TjokPd34jtrXcRTRXei%2B2hV1pUG5rENp9Znxe9d%2BHlx%2FFAt4dAyaznTCWtYVLVRCu9G4cvLkZ53xXhpBi4aSpMdx73TgmjpF3Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82bd1cb4adbb4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 snow.js Show response
nguyentandat.click/js-zone/ 11 KB
4 KB 228ms
228ms Script
application/javascript 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/js-zone/snow.js
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6262f1689e9ecea3d4972fdb521302ed49f0a606d3d24e012bee050f68c17165

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 21:06:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGhInaRzaVitvadMF7WICZgWbYoO82io%2FLqlrwhd7kzPuYYh%2BskUrDorh52R0DOlOYB%2F23s3nd9Vgk9cPs4eikDOltk9KBUMldmB5WWlfLYyvxZE7DMrUIfUKzPPgalu6Avj55yGqxRvMU%2FHiz9FH%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82bd1cb4adbc4bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 bg.png
nguyentandat.click/img/ 139 KB
139 KB 220ms
220ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/bg.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/css/sewatt.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f0e2d6703d447d0719e15116e9f49c3a7f6bd0c79a72eea3a3975e71c4cceb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/css/sewatt.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 14:15:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Epre5FDay6cUItZayw4Bou2hBshSQ9cVnCu8W%2FagXs%2BcT9PcXcAnQTn9IRzo%2BOfqXED30933G4tSt%2FV%2FBAYqClnUKu05uZzEsIUNstzcLPkKX5i9G29fx0aFpy1XN977dgIIm3cijo3yHtjhig0yxLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb4bdbd4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 141833

GET
H3 200 item-off.png
nguyentandat.click/img/ 201 KB
202 KB 245ms
245ms Image
image/png 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nguyentandat.click/img/item-off.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/css/sewattzzone.css?v=1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3e1d88551124391979d02e441ba5cd552c665b514872e6a08bf9ff817ba801

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/css/sewattzzone.css?v=1.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 14:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poAr6Vo2RLBkrMKnV59nJjYzzy7hbE75UaFwEnINb2I6L130mzGlFpDPNR71PMoGGt4lhyVZw2qyfnjD2WSNJOuXNeAZh10AtERlmRe82GqVsMQF97vvPB2E4AhjEdzOW6NxDlfJMay5cRj9vbLDEMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb4bdbe4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 206038

GET
H2 200 footer_link_bg.png
www.pubgmobile.com/en/images/ 2 KB
2 KB 158ms
68ms Image
image/png 2600:1408:10::1703:da8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/footer_link_bg.png
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/css/sewatt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:10::1703:da8 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nguyentandat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
server: nginx
etag: "62387c81-65e"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 1630
expires: Sat, 25 Nov 2023 21:56:17 GMT

GET
H3 200 sewatt.woff2
nguyentandat.click/fonts// 17 KB
18 KB 247ms
247ms Font
font/woff2 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/fonts//sewatt.woff2
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/css/sewatt.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a813311f634e51f9a260303676d42ed4483b0265aa9f0f911647c16c08d5a0

Request headers

Referer: https://nguyentandat.click/css/sewatt.css
Origin: https://nguyentandat.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 11:33:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbR3YgrQVllOCdwMWbN9Bk2JcXBfpWic0x%2FH8l9iEv4V0s9TKxW8bFwDbnIfJrc18VTqEWh1drWtmq5qPG02B26amIlhQp0ojXK1fPWVmQ7P0ODWed65n1CjRR3D0xRlgm0CxJmFNvPWv%2FOJ5F9rORY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82bd1cb4bdbf4bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 17752

GET
H2 200 fa-solid-900.woff2
site-assets.fontawesome.com/releases/v6.4.2/webfonts/ 320 KB
321 KB 119ms
118ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2
Requested by: Host: site-assets.fontawesome.com
URL: https://site-assets.fontawesome.com/releases/v6.4.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a

Request headers

Referer: https://site-assets.fontawesome.com/releases/v6.4.2/css/all.css
Origin: https://nguyentandat.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
x-amz-request-id: 4VQ57E3DCF4A7XPV
x-amz-server-side-encryption: AES256
content-length: 327824
x-amz-id-2: MmIZ7QasIaoZYfs00SS2S+Xw2StIkRuYLkbl50shkx2PaC8OWl4GSo/66d+cGM3LvIc+DrCSdc8=
last-modified: Tue, 01 Aug 2023 19:22:32 GMT
server: cloudflare
etag: "e0f1f10202002bf91422fd3768c2d744"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 82bd1cb4b92c4bd5-BUF

GET
H2 200 LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v20/ 15 KB
15 KB 102ms
34ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nguyentandat.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:23:54 GMT
x-content-type-options: nosniff
age: 242843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15044
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 02:23:54 GMT

GET
H3 206 spin.mp3
nguyentandat.click/media/ 91 KB
0 80ms
79ms Media
audio/mpeg 2606:4700:3035::6815:4af1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nguyentandat.click/media/spin.mp3
Requested by: Host: nguyentandat.click
URL: https://nguyentandat.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4af1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nguyentandat.click/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Nov 2023 21:51:17 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 14:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srfkWJZnFMtHEydfFV1HEOsA27o0gfNloc6bB6FgjO1cDUzSjMpJk%2BZAH3s%2B3h4C8w3GiNp5H1QwZ2OtlgXYUWjbi553Vt41KTs3Q1vGeNVSnOewhm4U2ocojAD0kWKdxS7Q1D%2FJd4QkSm3PpoUynhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-93346/93347
cache-control: max-age=14400
cf-ray: 82bd1cb62dd14bcf-BUF
alt-svc: h3=":443"; ma=86400
Content-Length: 93347

GET
H2 206 open.mp3
cloudpack.my.id/resources-pack/sound/ 19 KB
19 KB 617ms
613ms Media
audio/mpeg 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudpack.my.id/resources-pack/sound/open.mp3

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://nguyentandat.click/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Nov 2023 21:51:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 04 Jul 2023 14:40:37 GMT
server: LiteSpeed
etag: "4d45-64a42f65-534053cbe3756e9b;;;"
content-type: audio/mpeg
Content-Range: bytes 0-19780/19781
platform: hostinger
Content-Length: 19781

GET
H2 206 close.mp3
cloudpack.my.id/resources-pack/sound/ 17 KB
17 KB 891ms
887ms Media
audio/mpeg 153.92.13.218
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudpack.my.id/resources-pack/sound/close.mp3

Requested by

Host: nguyentandat.click
URL: https://nguyentandat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

153.92.13.218 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://nguyentandat.click/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Nov 2023 21:51:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 04 Jul 2023 14:40:37 GMT
server: LiteSpeed
etag: "451b-64a42f65-7e4eb7840ee8b1a6;;;"
content-type: audio/mpeg
Content-Range: bytes 0-17690/17691
platform: hostinger
Content-Length: 17691

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://nguyentandat.click/(Line 58) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
cloudpack.my.id
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
i.postimg.cc
i.upanh.org
nguyentandat.click
site-assets.fontawesome.com
stackpath.bootstrapcdn.com
www.pubgmobile.com
146.75.28.193
153.92.13.218
185.150.189.106
2600:1408:10::1703:da8
2606:4700:3031::ac43:a5fc
2606:4700:3035::6815:4af1
2606:4700:4400::ac40:93bc
2606:4700::6811:190e
2606:4700::6812:acf
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1b::5e
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf
0c7a39265bdb57a300fe79d651022e6e76197406b1eac2acd11ca2845e91b809
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1846bba0622f8bd814d86f39c905eedf3e07e1f66e519d8726a425494636a53f
1b3e1d88551124391979d02e441ba5cd552c665b514872e6a08bf9ff817ba801
1d0637f8ce5c4d440871385f5529f6c49a9892c71bc2b333c0df4b3314f46565
200b2e2544549340ab301d6cfd5c359b7c4b32a71b6fad2df69e7056aab0bb0a
21fa9748efb8c509c94597f75d1784b536bcc05c6df36b25523a51ec14a3c7c4
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
316144b6218b14040f972135692493116c6c64192037ddb9e8b348aa70509888
336e40a10e496b45207de0c1dccd3cd6deb59f7be6a41c3c90b0435252015645
36095f4a013a176e6ea0561af75fc04c13a13e055f9dceeeaa5466c871ef0277
36a813311f634e51f9a260303676d42ed4483b0265aa9f0f911647c16c08d5a0
3f0e2d6703d447d0719e15116e9f49c3a7f6bd0c79a72eea3a3975e71c4cceb5
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
4c18a5671aa5ebfa9a0484f9b0f2f468e0d131445e9986af3110697f6f6dc457
4f5f8ee12c1932ff2757a92051ac88f77875a7fe4c45e6399a1fc36394b3535e
54397569614adeb118a81e0c73743ce640605aa8dc1b64c6cb0dbbe1a4e46eee
59676bf6d6462b65d3c3d0a3580ed6de82fd7f958a21c6d25321c86c1440d830
6262f1689e9ecea3d4972fdb521302ed49f0a606d3d24e012bee050f68c17165
6445c707cda47e8fa95a383d175b372b282b06b03eb6a2ead0018de460156ebf
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
73874ad161de307901ae1d1a2cb9752e15c40aca6b3a42445260483f2a129a1b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3583be32e54cd2cb44ad2e716dccc3f60249b255bd0b6a980e56bc6438cbbe
7fe3c61e522b904919f1bf52b69cad01ff805db64508ed3b13ab156f58b660eb
80eb8b71b66b3a745f3ee5e166e698cb672953aeb08b9eaf5b3dc94cdc4524b4
84717ef8f221ed8a4a2c83d9e9bda78fac203316c75531bf8f9697d1d482e87b
85c87ae7549db7c3d1bf7bbe967d76c77a02c6e103f7df78dff62ea3ddf86a86
9fe6a7c60fdf117ebf01241d38413ce2aa2de55167c6fc3b3fb1f20cd3e54ab5
a39377de382867127c6ee3f232b65fbd2ae7f6a5d4e0c1893eca1e7eacc86d29
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
a9be972440ab34d9ad1b8d8e1a741edd4ec4d1a8b2962a092ba55d4002160ae5
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
b6d92ec75230f202421c8d24c28cd8a2b9f93501dfa45ec091f3969761b677ae
b715b775a82f6c034322d93b8a3637ca1e85f745d5227f653f4bd629ccc28f0e
b96ab97d128c9ecfca830952804532c0143d7ab4a593f4cca4a845d071194cfb
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6
d52f55e222fda1abb3b43bcef5ac41d712006e3a376af7c6724e93313e21abe5
d764351866d1a026dd6830673a5049da7a10ec1bbd1514651e473d49b112e7a2
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e26b100f7b7fb0714982860b5a9c6839e8a36407c541481a8c295fee462df104
e6ab5b8897dbff7692b6bcde1ff820012016f1d97d5725febcfa72f864d5b7d2
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
f5044ae8cd744eb4bb6a0741f4ce3b8b41145e460aea7205fb198005d10a0bde
f891d9b9786df66d5a1813087a72f6adf801a364dc3ee48a4b9bb93480b7850b
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff2c51d9854e118281a80989a2eac90a6900b5d99264a36d130224345d9692ae

nguyentandat.click Open in urlscan Pro 2606:4700:3035::6815:4af1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

73 %IPv6

11 Domains

12 Subdomains

11 IPs

2 Countries

2264 kBTransfer

3497 kBSize

0 Cookies

0 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nguyentandat.click Open in urlscan Pro
2606:4700:3035::6815:4af1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

2264 kB
Transfer

3497 kB
Size

0
Cookies

53 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!