tancent.xs1.biz Open in urlscan Pro
2a06:98c1:3120::c  Malicious Activity! Public Scan

Submitted URL: http://tancent.xs1.biz/
Effective URL: https://tancent.xs1.biz/
Submission: On August 02 via manual from BE — Scanned from NL

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 56 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is tancent.xs1.biz.
TLS certificate: Issued by E1 on July 5th 2022. Valid for: 3 months.
This is the only time tancent.xs1.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

IP Address AS Autonomous System
1 28 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 141.94.130.128 16276 (OVH)
8 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.21.235.194 24940 (HETZNER-AS)
1 51.159.64.45 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
56 11
Apex Domain
Subdomains
Transfer
28 xs1.biz
tancent.xs1.biz
2 MB
11 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 22983
283 KB
8 pubgmobile.com
www.pubgmobile.com — Cisco Umbrella Rank: 16005
705 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 410
60 KB
2 top4top.io
l.top4top.io — Cisco Umbrella Rank: 590429
a.top4top.io — Cisco Umbrella Rank: 636928
37 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3128
83 KB
1 gstatic.com
fonts.gstatic.com
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 937
32 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 338
6 KB
56 9
Domain Requested by
28 tancent.xs1.biz 1 redirects tancent.xs1.biz
11 i.postimg.cc tancent.xs1.biz
8 www.pubgmobile.com tancent.xs1.biz
2 ajax.googleapis.com tancent.xs1.biz
2 stackpath.bootstrapcdn.com tancent.xs1.biz
stackpath.bootstrapcdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 a.top4top.io tancent.xs1.biz
1 l.top4top.io tancent.xs1.biz
1 code.jquery.com tancent.xs1.biz
1 cdnjs.cloudflare.com tancent.xs1.biz
1 fonts.googleapis.com tancent.xs1.biz
56 11

This site contains no links.

Subject Issuer Validity Valid
*.xs1.biz
E1
2022-07-05 -
2022-10-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-29 -
2023-01-29
a year crt.sh
postimg.cc
R3
2022-06-12 -
2022-09-10
3 months crt.sh
wetv.acc.qq.com
DigiCert SHA2 Secure Server CA
2022-05-26 -
2023-01-17
8 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
top4top.io
R3
2022-07-31 -
2022-10-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://tancent.xs1.biz/
Frame ID: 273B99E3CFFD76C1E78DBD1E4C1C6A4E
Requests: 56 HTTP requests in this frame

Screenshot

Page Title

PUBG MOBILE: Royale Pass Month 13

Page URL History Show full URLs

  1. http://tancent.xs1.biz/ HTTP 301
    https://tancent.xs1.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

5
Countries

3311 kB
Transfer

3843 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tancent.xs1.biz/ HTTP 301
    https://tancent.xs1.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tancent.xs1.biz/
Redirect Chain
  • http://tancent.xs1.biz/
  • https://tancent.xs1.biz/
13 KB
4 KB
Document
General
Full URL
https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
4585e500b69b52a4a9cf280ecf89d05929c0c7441679d1be0ff3b0ee252f1442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73472e2b6c210b63-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Aug 2022 13:32:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf4Fw3UTFL238keimaKg2avBbj1AZkS1vuCudFBNPqHYeeRguEH2FkZ7SYas4miUYpjOYo1EW%2BWEVOt3Jk8JZ1xXX3VRO%2FYqgf7dWlOVpYdB0LSrNTCZ3mAuGIC8rzqdE2RtInr%2B4xRQtQp2Yow%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30

Redirect headers

CF-RAY
73472e2aace9b96c-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 02 Aug 2022 13:32:34 GMT
Expires
Tue, 02 Aug 2022 14:32:34 GMT
Location
https://tancent.xs1.biz/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ci2h%2Fle1pFYFNageAgcG25f1XR%2FO2A8W8oJnshC46JFUkCZl1oEmHaMuz%2B5BSu%2BA79No1SONNxyqMz7mENNj4MX%2BP1wBbQ8EVN2KpOU%2Bdbn9DN9tUf%2BnKW7163WeorqpyIkm9kANmln4nX8AzUc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
tancent.xs1.biz/index_files/
61 KB
61 KB
Stylesheet
General
Full URL
https://tancent.xs1.biz/index_files/css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1gQ1T4ZIlrrkU2xoCvr7bjwhOQ74rz%2BSGrexuFoFxXw2bTcMIRDh%2BHl%2FBG2Gt2Kce4dKtASVxfaIUYdfDa4fWrzZp0JV1iU9DKCVplsksuHSfmmIoclKF5tWRKjq3kaeAm%2BITtq%2F7Ey6FXaedM%3D"}],"group":"cf-nel","max_age":604800}
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
accept-ranges
bytes
cf-ray
73472e2e3f9e0b63-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62268
facebook.css
tancent.xs1.biz/css-zone/
2 KB
1 KB
Stylesheet
General
Full URL
https://tancent.xs1.biz/css-zone/facebook.css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27b4f0a795e64f3fc2122f1d0658fa4ac20b58800e0348da0b94a3397b1c2211

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6242
cf-polished
origSize=3188
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqRmbzd3AUsPP%2BG5G5YmSyuB1MY3%2B%2FH8Mxwc%2FeLNL87nWEZTRUXJwHNh5t%2BOWOhGuDF41WAcPgEg%2Fkksj27AxsF0mlIGQzqx50QNEsMyzHtQUHBRQHlPpU5ktufp69mqailojA9VOV3kQPdZkRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
73472e2e3fa30b63-AMS
cf-bgj
minify
twitter.css
tancent.xs1.biz/css-zone/
2 KB
834 B
Stylesheet
General
Full URL
https://tancent.xs1.biz/css-zone/twitter.css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911febf36aa50f2ad47043e2b8fdeba43c8932b2c287c313654e4dc458cfa54d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6242
cf-polished
origSize=2078
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLs28Ef3cLOCk877eNydHSRe8z7FRMLyORFPHdUI%2ByEEyDNjUNvaNjZmQLNBhR6UDVIGcyw3Zbg89FD2xf5srs9ctBo7Epn6JNcVyriW5uE%2BU8B5m0YjOUb5JmTsGBSrtZ5tJDTolOuXBU3a6UU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
73472e2e3fa40b63-AMS
cf-bgj
minify
css2
fonts.googleapis.com/
1 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Teko&display=swap
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0350bdc3ce4d387d99d9c66c6aa8550ba6e62427584fa6fd2bdb74532daf77c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 13:32:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 02 Aug 2022 13:32:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Aug 2022 13:32:34 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tancent.xs1.biz/
Origin
https://tancent.xs1.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
879
age
532976
cdn-cachedat
07/01/2022 20:05:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f3572392a7e96c7980fac755c6f611de
cf-ray
73472e2e9f29b99a-AMS
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
69 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1285631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5845
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-1149f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnnyx6vJA488pho5dkgf10ac1zw%2F3kVHG0MURqVSNpAq7KGCs2iBcIsxUHgNXdwyj0yVoklXDEiomBXzFx3eHtRR%2FmALKqX9C7lgn7nzJIgctYri3l4qJ3UkVuMDyut32MzVs%2BAS0UN89ql9cZh9J2jL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73472e2e8c77b924-AMS
expires
Sun, 23 Jul 2023 13:32:34 GMT
jquery.js
tancent.xs1.biz/js-zone/
2 KB
643 B
Script
General
Full URL
https://tancent.xs1.biz/js-zone/jquery.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fe38740d7ac549e1d26eb2f7bc50156944a93d9c3537f89292deec2d35ad43

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6242
cf-polished
origSize=2253
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Apr 2022 11:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ87NESTeBImWyMnOh%2FCU0pLSOF849rCDHmADxBrp87%2BiveTFlUkihrUTYZfBxOl9sCh6qGMy5KuEkI%2B4sK8VDTKX38S3PZjWZ4LZ6VQ%2FWDPzMFnjPchUVaOLe3lzy7rDm8rQURbW8PRlm8uwDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e2e3fa50b63-AMS
cf-bgj
minify
main-zone.js
tancent.xs1.biz/js-zone/
600 B
644 B
Script
General
Full URL
https://tancent.xs1.biz/js-zone/main-zone.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f6b6f8af7209e3d9b12771f26c87164f35b5fac01a8418235c2c9658d87821

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6242
cf-polished
origSize=610
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Apr 2022 11:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggX%2BQIOR2YXz5fOkD7v2RbyV%2F6oNGvoKAB35FPxlD8bJa360C5IXCPRzRPtnDRwAlRWlrZMfMqQbheYOle2%2BywJq7WsacrbSTfI6ILbC6VNTWQKjPi%2FwFGYL%2B6fHzNYyEpnkqC1gvgKfWn6s5b8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e2e3fa70b63-AMS
cf-bgj
minify
myScript.js
tancent.xs1.biz/js-zone/
2 KB
929 B
Script
General
Full URL
https://tancent.xs1.biz/js-zone/myScript.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a10e34619af6c8a6d258a9035e0f2e35721f45967b9c3b3e652a07a274c474

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6242
cf-polished
origSize=2913
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 18 Jul 2022 08:15:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfjep%2FsqQ9M%2F4HXM%2Bnr6bPQCl2HM1UwdUClN6s3Ye7Ip%2FQUgDbYkajcMZ2FN2NkATgAHDPjWbvuVHQLCTfRXNMwS9vheePQfyOnGuiYIMp0CfZ62TPi6d%2FafsU%2B5J6g54dRidiPbhg%2BeX0rzry8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e2e3fab0b63-AMS
cf-bgj
minify
navbar-logo.png
i.postimg.cc/SxQ04Qn4/
173 KB
174 KB
Image
General
Full URL
https://i.postimg.cc/SxQ04Qn4/navbar-logo.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Tue, 22 Mar 2022 04:46:34 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
177317
expires
Thu, 31 Dec 2037 23:55:55 GMT
nav_shop.svg
www.pubgmobile.com/en/images/
993 B
675 B
Image
General
Full URL
https://www.pubgmobile.com/en/images/nav_shop.svg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 13:24:18 GMT
server
nginx
etag
"62387c82-3e1"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
526
nav_language.svg
www.pubgmobile.com/en/images/
1 KB
825 B
Image
General
Full URL
https://www.pubgmobile.com/en/images/nav_language.svg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 13:24:18 GMT
server
nginx
etag
"62387c82-45b"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
675
nav_menu.svg
www.pubgmobile.com/en/images/
884 B
576 B
Image
General
Full URL
https://www.pubgmobile.com/en/images/nav_menu.svg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 13:24:18 GMT
server
nginx
etag
"62387c82-374"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
426
nav_download.svg
www.pubgmobile.com/en/images/
1007 B
634 B
Image
General
Full URL
https://www.pubgmobile.com/en/images/nav_download.svg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 13:24:17 GMT
server
nginx
etag
"62387c81-3ef"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
485
draw.png
tancent.xs1.biz/img/
154 KB
155 KB
Image
General
Full URL
https://tancent.xs1.biz/img/draw.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c74954ff4d602292feec1b9c6d7afeabe0ffa1b1507418cf151186f0e039667

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6145
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkz8lU2S%2FV2OqjdJHYFYRDNzaieY9efqKXddSekzXNMbH2DpaOQZ0203egYLo9GKVHRUhofrltrNOSJXGMU2fhHhLOLKzI56YP18oz2pe2n0vZN8cSKAP7UFK4eXFdL04axiWNd69Lo2wm4oN6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b843b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
158037
footer-socmed-1.png
i.postimg.cc/jnLQLD1x/
6 KB
6 KB
Image
General
Full URL
https://i.postimg.cc/jnLQLD1x/footer-socmed-1.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
dfba7a0c7d120366be1d50ada6b75adcf62ac2038a1c08fd6e1c77071a38b5d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Tue, 22 Mar 2022 04:48:19 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
5796
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-socmed-2.png
i.postimg.cc/Thwcks3z/
11 KB
11 KB
Image
General
Full URL
https://i.postimg.cc/Thwcks3z/footer-socmed-2.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
16f1ccc0e0a89629ef11948c8de6ca77591a6f9b937b8de44ebc18358225bd80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Tue, 22 Mar 2022 04:48:19 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10864
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-socmed-3.png
i.postimg.cc/bdB94RGs/
6 KB
7 KB
Image
General
Full URL
https://i.postimg.cc/bdB94RGs/footer-socmed-3.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
d1e50bf94ebb01626c1045d43541f5989f67f6b3d62d3d6eb38e34fe0be94595

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Tue, 22 Mar 2022 04:48:19 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6571
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-socmed-4.png
i.postimg.cc/YvcfCqz7/
13 KB
14 KB
Image
General
Full URL
https://i.postimg.cc/YvcfCqz7/footer-socmed-4.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
8014774799900154e012ac41d6cdd404adc93c5955535ee4bd5372e054e90443

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Tue, 22 Mar 2022 04:48:19 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
13796
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-socmed-5.png
i.postimg.cc/w7RQzsJF/
9 KB
9 KB
Image
General
Full URL
https://i.postimg.cc/w7RQzsJF/footer-socmed-5.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
a72b0b2226327f8af54d11c68347fd2930f05d48004c0f05e1ef39c3505d8ba0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Tue, 22 Mar 2022 04:48:19 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
9205
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-socmed-6.png
i.postimg.cc/Sxyy8Kzz/
4 KB
4 KB
Image
General
Full URL
https://i.postimg.cc/Sxyy8Kzz/footer-socmed-6.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Wed, 13 Apr 2022 13:57:35 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4316
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-img.png
i.postimg.cc/pV8Q4L9L/
14 KB
14 KB
Image
General
Full URL
https://i.postimg.cc/pV8Q4L9L/footer-img.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Sun, 26 Dec 2021 01:40:34 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
14457
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js.download
tancent.xs1.biz/index_files/
85 KB
31 KB
Script
General
Full URL
https://tancent.xs1.biz/index_files/jquery.min.js.download
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lylVJwXrAx4D%2BYdYr4s5MWZfeS37PDU8OuKx6oMXDLP2e0h%2F0AlLuAvLrsuzykPsUeq9ZMvwF6UyvFqjZxh4Y%2BkHUl%2BrRIyje00CqIJErKB%2Bh71NxYbijZN3OB92gzF0hnKLAvQl7sEnTTudULk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
73472e2ee833b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gift-zone.js
tancent.xs1.biz/index_files/
1 KB
1 KB
Script
General
Full URL
https://tancent.xs1.biz/index_files/gift-zone.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aea0be0ca0f891dcbe6b933e1774c98adbad34c5f498fd57483a39225af57fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6147
cf-polished
origSize=1685
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQlrSyUac7KYRd%2FWBzrUjNQfqY4W4%2BWA7Zh1jbuc4nVQUHR4%2Bp%2FgHj1aD6Qmml6TvHVr43Gv1Lpc4kgCP2s%2FpMqfI7NYvz2Kky6fpVblPzfBnKvOzq%2FKowZInau2VIYyYAIUI3TiEsluWi2Qw%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e332f59b8dc-AMS
cf-bgj
minify
slide-zone.js
tancent.xs1.biz/js-zone/
2 KB
1 KB
Script
General
Full URL
https://tancent.xs1.biz/js-zone/slide-zone.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2fea06568b7303784a3ea510ea289f35b9d51f6d37f8753460dbb868061b46

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6146
cf-polished
origSize=2054
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Apr 2022 11:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyekB1wElkuwGWyH5skTAfZmCVAtCq4NijURV1a5s96W1qwksXnxpN9IkndxyxfL1sCSPkjaw6PS0DDclirPo%2FEfEH9%2Fl4fVjHKK5jjmvtIGykvOnwizG5rRjmi4Ehdj7FpjwOUE%2FFPP6h6rjyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e33a81db8dc-AMS
cf-bgj
minify
slide-zone.js.download
tancent.xs1.biz/index_files/
2 KB
1 KB
Script
General
Full URL
https://tancent.xs1.biz/index_files/slide-zone.js.download
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5decabf43c201e0f9e058461dd0d8a8bc744e4174583ef39971abc226bf2ca08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgPuUxc%2FD%2Frf29oNyjdo0%2BULBkhUVFeSW1FvcUGDujKuNFxUjdQnn1wGibi8VzhF%2BVCxBx5VwuJSBQz4icJoH6UY%2FilcAlP142av8NZPWUrnJv9NB4jlc8pnut5aoeh3NiCNdSKWXiMiSOVm9Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
73472e33b841b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login-Method1.png
i.postimg.cc/3wBVgZTz/
28 KB
28 KB
Image
General
Full URL
https://i.postimg.cc/3wBVgZTz/login-Method1.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Sun, 26 Dec 2021 01:51:44 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
28789
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_logo.jpg
www.pubgmobile.com/id/event/royalepass10/images/
73 KB
74 KB
Image
General
Full URL
https://www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Wed, 15 Sep 2021 06:46:59 GMT
server
nginx
etag
"614196e3-1258d"
content-type
image/jpeg
cache-control
max-age=157
accept-ranges
bytes
content-length
75149
expires
Tue, 02 Aug 2022 13:35:12 GMT
login-Method2.png
i.postimg.cc/dtyfWFF2/
4 KB
4 KB
Image
General
Full URL
https://i.postimg.cc/dtyfWFF2/login-Method2.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Sun, 26 Dec 2021 01:53:00 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4298
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.10.2.min.js
code.jquery.com/
91 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-16bb3"
vary
Accept-Encoding
x-hw
1659447155.dop202.am5.t,1659447155.cds237.am5.hn,1659447155.cds298.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32788
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 12:20:45 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 12:20:45 GMT
alert-zone.js
tancent.xs1.biz/js-zone/
116 KB
18 KB
Script
General
Full URL
https://tancent.xs1.biz/js-zone/alert-zone.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8228e22e19aaadccc78de91daf2d7ccfc8abaad47558d6403cb7aff087a8ee86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6147
cf-polished
origSize=120664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Apr 2022 11:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW1q3d7%2BiAp5IIQ6PXjiR7c67WrY2DIp3bKULFC4vZR7Am56zz8hg4wS1rryCYI3RsDI3TopOYXPVotTeX9KYYUqPFXGJc9EjvxrrJtDH66uz490OIGNWrnCmXPVoLi9GQaFIQmwid1fn5cEfVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e333f60b8dc-AMS
cf-bgj
minify
zero-zone.js
tancent.xs1.biz/js-zone/
732 B
807 B
Script
General
Full URL
https://tancent.xs1.biz/js-zone/zero-zone.js
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424e9389ec406b05bcc22f717878475ee96a0f5fe4c63c4ca5548231325964dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6147
cf-polished
origSize=861
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Apr 2022 11:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lgq1jjkG5pnCF2kbWw%2BF571TBzxGfKZMVhY22Ww7M6WuS37PELVSR%2BVQys8xjpHHiDCRk1I4Bk%2FjXoNYwoBk%2BB7CgP3C5mRGemtf99LDL7VYy01DCBB229lexaJ9BF92SOFY8TeHAr3YgIViaSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
73472e333f62b8dc-AMS
cf-bgj
minify
m_1725u5z7i1.mp3
l.top4top.io/
19 KB
20 KB
Media
General
Full URL
https://l.top4top.io/m_1725u5z7i1.mp3
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.194.235.21.65.clients.your-server.de
Software
nginx /
Resource Hash
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Request headers

Referer
https://tancent.xs1.biz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

x-file-id
x34392023x
date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Mon, 21 Sep 2020 07:16:33 GMT
server
nginx
etag
"5f685351-4d45"
content-type
audio/mpeg
Content-Range
bytes 0-19780/19781
cache-control
max-age=7200
content-disposition
inline; filename="open_reward_tab.mp3"
Content-Length
19781
expires
Tue, 02 Aug 2022 15:32:35 GMT
m_1725zobal2.mp3
a.top4top.io/
17 KB
18 KB
Media
General
Full URL
https://a.top4top.io/m_1725zobal2.mp3
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.159.64.45 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-159-64-45.rev.poneytelecom.eu
Software
nginx /
Resource Hash
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Request headers

Referer
https://tancent.xs1.biz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

x-file-id
x34392024x
date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Mon, 21 Sep 2020 07:16:33 GMT
server
nginx
etag
"5f685351-451b"
content-type
audio/mpeg
Content-Range
bytes 0-17690/17691
cache-control
max-age=7200
content-disposition
inline; filename="close_reward_popup.mp3"
Content-Length
17691
expires
Tue, 02 Aug 2022 15:32:35 GMT
style-zone.css
tancent.xs1.biz/css-zone/
18 KB
5 KB
Stylesheet
General
Full URL
https://tancent.xs1.biz/css-zone/style-zone.css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6300c5b96351d88c704877256b9db2f2eccf98a293d4db5e699bd870254170e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6146
cf-polished
origSize=21734
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 18 Jul 2022 01:23:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4muNYJ3AMvQZ7hloKeGi2uC9JMj9rF8hkZk30ONtslxQltLDzmiw9vI1bVeynh3yF3hTfVym9PAr%2BwdFCPxkYmCq%2BgCu73abkb7sDKZbXMw%2By%2Fxi40EDDFbn1BLzzyBPWsV90tqlCVbyBhM%2Fa2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
73472e33a82ab8dc-AMS
cf-bgj
minify
zero-zone.css
tancent.xs1.biz/css-zone/
5 KB
1 KB
Stylesheet
General
Full URL
https://tancent.xs1.biz/css-zone/zero-zone.css
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8c713f492cb611b3b72cc8c20c9d7c254d1b5590a16c82e203728afc48b754

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6146
cf-polished
origSize=5487
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRP2pUib8GLay3RjboGy2ZwdlGO59AED9WKm25zrIlxH%2F5co%2BXNdGy5roCizEAhYmSlCCV1alr5Q%2F3AHfSYtB2qLf7kNawykKOg0nuchnrSnWMyVpIL0yj1TbgwuzrCvrwuREAX%2Bqj7tebQ0ghI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
73472e33b83fb8dc-AMS
cf-bgj
minify
1.png
tancent.xs1.biz/img/reward/
102 KB
102 KB
Image
General
Full URL
https://tancent.xs1.biz/img/reward/1.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84ed8265ca3ba16dc2c78599510db3c1ffcec2ddbd240c48b7a6bb69c73965f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Nov 2020 20:16:04 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOrP5xPl2oa9FD0iLpLtwpTrMo2%2B%2BdiSrnjax9MKjskbzwfTiKdZHAcGIGpZmcuUduS0IFHAMiICVXMkVbxaE6kDVK4pJZh3ja9Km8Bt1Ona3bto1h2R6Nkc0cGNKmUfjXoGAFFXXN%2B7Vsp0dIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b855b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
104026
2.png
tancent.xs1.biz/img/reward/
18 KB
18 KB
Image
General
Full URL
https://tancent.xs1.biz/img/reward/2.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e84cf45adb516664699ab4f7b70bd5e6207c5d9c4ad82f8f9e228d683890811

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wojcjTXg2m6WfBl03J5nzP4HE83kSgEg0bl4aw2WpudEQKL6Qx6BxxOQ5uu%2BOkAIjeZShm7FgaBrBxSgx9otAW7U9HKDGflVC7IS6ihXudNuSGTeqBl60WGI0k9AcmzBt2sKTLp%2FgE9%2FBozLLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b856b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18150
3.png
tancent.xs1.biz/img/reward/
93 KB
93 KB
Image
General
Full URL
https://tancent.xs1.biz/img/reward/3.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c3eccbf8534af45e19bd503704b22a11fd84c459a4c775c5644d53ec9d0d28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSIupM4OFDQyv4F4hMF8wbu9TEUJjcOwi%2Bpppmbq%2FVhI%2BSkn665Yk9XrzI89NHqBec4gH%2FmguWUfwktIUUFW7vfHnQ%2FQYUJ4U0UWf87zEM6%2B4gxCeCtBws%2F0kJd%2FqJA%2FQPPMF%2Fy5SLzfGC6NFBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b857b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95004
4.png
tancent.xs1.biz/img/reward/
39 KB
39 KB
Image
General
Full URL
https://tancent.xs1.biz/img/reward/4.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711f17bd667e28b99943069dab753cb68e00773621cae063de324f0e87d3d3aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUT0leRPerbctiv85hZOfK0YjGoIKZ5El0cb6ZMYPM17wRzAZbiCJJTYti8Nq6BQ79S5oaFgaspaCpqI4HZh0mQwbEsmlgLcWWkh%2BubHSLgU0qaKDnUfDbrRblEhxhuv3xfwB3nQoqBV3nDmtYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b858b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39737
5.png
tancent.xs1.biz/img/reward/
56 KB
57 KB
Image
General
Full URL
https://tancent.xs1.biz/img/reward/5.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8235de9e4e48882ee06b686347c3436130fa3bf29ea69cbdfff4bd2dcc8db482

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HasaxS6hnLkREt0kJslnA2AFwS71JZ2826Dp%2FSvYUBkB4u15CL31mk%2B8f8PAhBCiQ2D1%2F2F2MLFbQGMRSt9KQ%2F7UgmVBW%2FXbNhjdPoFVvAbNMsJ2vYZOT9O%2FDGxD55vIlTUixpiXlcXQJgkahLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b85ab8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57846
6.png
tancent.xs1.biz/img/reward/
47 KB
48 KB
Image
General
Full URL
https://tancent.xs1.biz/img/reward/6.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d62e803f0aea193f6c90106396dc205341b74cb23d8549866b5032fd5ca47a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Apr 2022 03:18:38 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMn3EmTU4XL3fZBH7MrX5A9zv5nBVW8ISXiaEW5Efj8uijt4tw9dji0MEtZxBHWe0kzCoZ5b3oT8PYbUZBBWw1h0a1HdQM4oXw36VeQBXbKgJ5oMAEd%2FAzNV%2FQgKauXhYBjlHW89ZN3iJ61d6%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e33b85bb8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48523
header.mp4
tancent.xs1.biz/media/
1 MB
1 MB
Media
General
Full URL
https://tancent.xs1.biz/media/header.mp4
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08510b45880559fd028329f8fed7a767ae8cbc7909477feb31533867f809f262

Request headers

Referer
https://tancent.xs1.biz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO7RXyoyk9yBwFDBZvI2iuUdXPdgQea8rdxiOUxd8Xp%2BsQ8UaiTWGt6AM1g1sUWtsLQ4EFjb9eQnjblxm0phichAFDJ50JTpAEUzyZ7aKp%2BBe2XaucWC9mjmiQXK%2Bok34VvluD3fl2FrOxdXzds%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-1309781/1309782
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73472e33b85eb8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1309782
bg_1.jpg
www.pubgmobile.com/images/event/royalepassm12/
543 KB
544 KB
Image
General
Full URL
https://www.pubgmobile.com/images/event/royalepassm12/bg_1.jpg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/style-zone.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aba44404dad7c75c73752f36c78af6f96c029b392c0a29ca479c388b0d0fad7a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:36 GMT
last-modified
Fri, 17 Jun 2022 06:21:10 GMT
server
nginx
etag
"62ac1d56-87ad5"
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
content-length
555733
expires
Tue, 02 Aug 2022 13:37:36 GMT
m_bg_5.jpg
www.pubgmobile.com/images/event/royalepassm12/
82 KB
83 KB
Image
General
Full URL
https://www.pubgmobile.com/images/event/royalepassm12/m_bg_5.jpg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/style-zone.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
87b025b77084374ca03cdd2faccaab91a682c0a9830050668492c482b13aca54

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:36 GMT
last-modified
Fri, 17 Jun 2022 06:21:12 GMT
server
nginx
etag
"62ac1d58-1490a"
content-type
image/jpeg
cache-control
max-age=297
accept-ranges
bytes
content-length
84234
expires
Tue, 02 Aug 2022 13:37:33 GMT
item-off.png
tancent.xs1.biz/img/
141 KB
142 KB
Image
General
Full URL
https://tancent.xs1.biz/img/item-off.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/zero-zone.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90678185c827eca2b6cee5addd17342ee1cb11c215e7017c082ee096138eb5f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/css-zone/zero-zone.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6145
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTFSalQD1DrErFD1b5QY43nZKsZFzEvEf4THXCXqynOBUq1kcsY%2BUaHZayUavFXQfwXHlIrHvjep%2F08zA9cKxxkO5LEi1O7NNm0XaI8XMj8li%2FElZhDSqQLKT%2BP4JPFmETvXRYt00L%2B6SDae4EA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e3428f2b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
144518
footer-bg.jpg
i.postimg.cc/02KwtTc7/
11 KB
12 KB
Image
General
Full URL
https://i.postimg.cc/02KwtTc7/footer-bg.jpg
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/style-zone.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31442138.ip-141-94-130.eu
Software
nginx /
Resource Hash
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Wed, 23 Mar 2022 19:15:53 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11651
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer_link_bg.png
www.pubgmobile.com/en/images/
2 KB
2 KB
Image
General
Full URL
https://www.pubgmobile.com/en/images/footer_link_bg.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/style-zone.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:35 GMT
last-modified
Mon, 21 Mar 2022 13:24:17 GMT
server
nginx
etag
"62387c81-65e"
content-type
image/png
cache-control
max-age=74
accept-ranges
bytes
content-length
1630
expires
Tue, 02 Aug 2022 13:33:49 GMT
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Teko&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tancent.xs1.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 19:49:48 GMT
x-content-type-options
nosniff
age
495767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 19:49:48 GMT
spin.mp3
tancent.xs1.biz/media/
110 KB
0
Media
General
Full URL
https://tancent.xs1.biz/media/spin.mp3
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://tancent.xs1.biz/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Aug 2022 13:32:36 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKdGMtfuDrY8cK3DJVvt8IGeMx0FJSAu1RHEvEuIrjc9MdOyE7Ec5ofPEk0O1dSW248ZgGgjVmnJxjXzXNLRii6WfsoUX2bkRpqML9Li%2FA6jL8MUTltdxex%2BNQuT31J3xwqRTkwliUAS59V8AdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-132738/132739
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73472e358b15b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
132739
popup-navbar.png
tancent.xs1.biz/img/
13 KB
13 KB
Image
General
Full URL
https://tancent.xs1.biz/img/popup-navbar.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/style-zone.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee33954365db090681d1e3097345a22b60bb004bb67bbae6b436c8adbd928bd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/css-zone/style-zone.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:36 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6146
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRibm7wTx3Yy9Q%2BxBeWenqS56fn%2BSV0Qomvn%2FUP04zeIwkvGSxwSSOQsCGmXKxq89lCZXG2QCaLUX26S9AUVlpDwarlwfIMUjRQ4fywdlpM48JcP5jnwdFjGtAY4w5UhmAdgTCS1d1HQ6092Jo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e358b17b8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13114
popup-box-bg.png
tancent.xs1.biz/img/
13 KB
13 KB
Image
General
Full URL
https://tancent.xs1.biz/img/popup-box-bg.png
Requested by
Host: tancent.xs1.biz
URL: https://tancent.xs1.biz/css-zone/style-zone.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b2e48b3f89ee263fe9b43ce3ff5ab711c74016d64ed5fd4802057493c8ebdb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tancent.xs1.biz/css-zone/style-zone.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:36 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Jun 2022 02:07:42 GMT
server
cloudflare
age
6146
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHVJ5D6url1d1QvflHQye4zTMg8%2BTfNruz27n0%2Be%2BIeUx%2BKHv6zb%2BKKLtQPqrPL8LvPQ25SHRLv7EE7Uh4YzKLcjBWFVEgeeqaCFlxGJFE2A7uka5AO2w0OjWpB%2Bs%2BhuOYzpiRAFdu%2BtoOyaIRg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73472e358b1ab8dc-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13143
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://tancent.xs1.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
883
age
538306
cdn-proxyver
1.02
cdn-cachedat
03/10/2022 13:34:39
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7a26fef74e0d244d968be351aa99292d
accept-ranges
bytes
cf-ray
73472e35bce7b7d9-AMS
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _0xc9be function| ls function| log function| conf object| _0xd4d3 object| _0x1679 object| _0x17ac function| zonehost object| buka object| tutup function| open_processing_account function| open_facebook function| open_twitter function| close_facebook function| close_twitter function| ValidateLoginFbData function| ValidateLoginTwitterData function| ValidateVerificationData object| _0xc160 function| setImmediate function| clearImmediate function| swal function| sweetAlert object| _0xd626 function| $ function| jQuery function| runCircle function| generatePrizeNumber function| controllSpeed function| init object| _0xd52e number| slideIndex function| showSlides function| audioFile

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.top4top.io
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
i.postimg.cc
l.top4top.io
stackpath.bootstrapcdn.com
tancent.xs1.biz
www.pubgmobile.com
141.94.130.128
2001:4de0:ac18::1:a:1b
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a02:26f0:3500:3::b818:4d0c
2a06:98c1:3120::c
51.159.64.45
65.21.235.194
0350bdc3ce4d387d99d9c66c6aa8550ba6e62427584fa6fd2bdb74532daf77c2
08510b45880559fd028329f8fed7a767ae8cbc7909477feb31533867f809f262
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16f1ccc0e0a89629ef11948c8de6ca77591a6f9b937b8de44ebc18358225bd80
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
27b4f0a795e64f3fc2122f1d0658fa4ac20b58800e0348da0b94a3397b1c2211
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
424e9389ec406b05bcc22f717878475ee96a0f5fe4c63c4ca5548231325964dc
4585e500b69b52a4a9cf280ecf89d05929c0c7441679d1be0ff3b0ee252f1442
46f6b6f8af7209e3d9b12771f26c87164f35b5fac01a8418235c2c9658d87821
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
54a10e34619af6c8a6d258a9035e0f2e35721f45967b9c3b3e652a07a274c474
5aea0be0ca0f891dcbe6b933e1774c98adbad34c5f498fd57483a39225af57fc
5decabf43c201e0f9e058461dd0d8a8bc744e4174583ef39971abc226bf2ca08
5e84cf45adb516664699ab4f7b70bd5e6207c5d9c4ad82f8f9e228d683890811
711f17bd667e28b99943069dab753cb68e00773621cae063de324f0e87d3d3aa
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c74954ff4d602292feec1b9c6d7afeabe0ffa1b1507418cf151186f0e039667
7f8c713f492cb611b3b72cc8c20c9d7c254d1b5590a16c82e203728afc48b754
8014774799900154e012ac41d6cdd404adc93c5955535ee4bd5372e054e90443
8228e22e19aaadccc78de91daf2d7ccfc8abaad47558d6403cb7aff087a8ee86
8235de9e4e48882ee06b686347c3436130fa3bf29ea69cbdfff4bd2dcc8db482
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87b025b77084374ca03cdd2faccaab91a682c0a9830050668492c482b13aca54
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
90678185c827eca2b6cee5addd17342ee1cb11c215e7017c082ee096138eb5f4
911febf36aa50f2ad47043e2b8fdeba43c8932b2c287c313654e4dc458cfa54d
92d62e803f0aea193f6c90106396dc205341b74cb23d8549866b5032fd5ca47a
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
a72b0b2226327f8af54d11c68347fd2930f05d48004c0f05e1ef39c3505d8ba0
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587
aba44404dad7c75c73752f36c78af6f96c029b392c0a29ca479c388b0d0fad7a
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
b3b2e48b3f89ee263fe9b43ce3ff5ab711c74016d64ed5fd4802057493c8ebdb
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f
be2fea06568b7303784a3ea510ea289f35b9d51f6d37f8753460dbb868061b46
bee33954365db090681d1e3097345a22b60bb004bb67bbae6b436c8adbd928bd
c8fe38740d7ac549e1d26eb2f7bc50156944a93d9c3537f89292deec2d35ad43
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
d1e50bf94ebb01626c1045d43541f5989f67f6b3d62d3d6eb38e34fe0be94595
d6300c5b96351d88c704877256b9db2f2eccf98a293d4db5e699bd870254170e
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
dfba7a0c7d120366be1d50ada6b75adcf62ac2038a1c08fd6e1c77071a38b5d1
e0c3eccbf8534af45e19bd503704b22a11fd84c459a4c775c5644d53ec9d0d28
e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e
e84ed8265ca3ba16dc2c78599510db3c1ffcec2ddbd240c48b7a6bb69c73965f
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417