Submitted URL: https://click.pstmrk.it/2s/cf68vn.win%2FoLqka/ZXs20CYN/0J9S/Ez9kR1bFpR
Effective URL: https://cf68vn.win/oLqka/313d18838021ca0/
Submission: On November 16 via manual from NZ — Scanned from IT

Summary

This website contacted 6 IPs in 5 countries across 8 domains to perform 31 HTTP transactions. The main IP is 61.14.233.82, located in Ho Chi Minh City, Viet Nam and belongs to VNPT-AS-VN VNPT Corp, VN. The main domain is cf68vn.win.
TLS certificate: Issued by R3 on November 5th 2021. Valid for: 3 months.
This is the only time cf68vn.win was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 52.209.44.190 16509 (AMAZON-02)
2 12 61.14.233.82 45899 (VNPT-AS-V...)
17 207.148.79.137 20473 (AS-CHOOPA)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
31 6
Domain Requested by
16 cf68vna.asia cf68vn.win
12 cf68vn.win 2 redirects cf68vn.win
1 www.google-analytics.com www.googletagmanager.com
1 kubet771.win cf68vn.win
1 www.googletagmanager.com cf68vn.win
1 fonts.googleapis.com cf68vn.win
1 maxcdn.bootstrapcdn.com cf68vn.win
1 click.pstmrk.it 1 redirects
31 8

This site contains no links.

Subject                  Issuer                   Validity                 Valid
cf68vn.win               R3                       2021-11-05 - 2022-02-03  3 months
cf68vna.asia             R3                       2021-10-07 - 2022-01-05  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2021-03-01 - 2022-02-28  a year
upload.video.google.com  GTS CA 1C3               2021-10-18 - 2022-01-10  3 months
*.google-analytics.com   GTS CA 1C3               2021-10-18 - 2022-01-10  3 months
kubet771.win             R3                       2021-10-22 - 2022-01-20  3 months

This page contains 2 frames:

Primary Page: https://cf68vn.win/oLqka/313d18838021ca0/
Frame ID: 941BAD3C5A19B4CD341B35AB77198696
Requests: 9 HTTP requests in this frame

Frame: https://cf68vn.win/oLqka/assets/prefetch.html
Frame ID: 3120C190A14C2103337FDD3AA261EFFB
Requests: 22 HTTP requests in this frame

Page Title

Sign in to your account

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 57 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 5
Transfer: 385 kB
Size: 1044 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.pstmrk.it/2s/cf68vn.win%2FoLqka/ZXs20CYN/0J9S/Ez9kR1bFpR HTTP 302
    https://cf68vn.win/oLqka HTTP 301
    https://cf68vn.win/oLqka/ HTTP 302
    https://cf68vn.win/oLqka/313d18838021ca0/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cf68vn.win/oLqka/313d18838021ca0/
Redirect Chain
  • https://click.pstmrk.it/2s/cf68vn.win%2FoLqka/ZXs20CYN/0J9S/Ez9kR1bFpR
  • https://cf68vn.win/oLqka
  • https://cf68vn.win/oLqka/
  • https://cf68vn.win/oLqka/313d18838021ca0/
203 KB
52 KB
Document
General
Full URL
https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
f68d1762e067c25b07eceed2203661ea4998bd3867ab50e0be054a1ce12633df
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

server
nginx
date
Tue, 16 Nov 2021 02:54:21 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
x-content-type
nosniff
x_forwarded_for
104.16.77.187
remote_addr
104.16.77.187
host
www.fbi.gov
origin
https://www.fbi.gov
referer
https://www.fbi.gov
x-forwarded-host
www.fbi.gov
x-forwarded-proto
https
x-xss-protection
1; mode=block

Redirect headers

server
nginx
date
Tue, 16 Nov 2021 02:54:17 GMT
content-type
text/html; charset=UTF-8
content-length
24
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
313d18838021ca0/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
x-content-type
nosniff
x_forwarded_for
104.16.77.187
remote_addr
104.16.77.187
host
www.fbi.gov
origin
https://www.fbi.gov
referer
https://www.fbi.gov
x-forwarded-host
www.fbi.gov
x-forwarded-proto
https
x-xss-protection
1; mode=block
/
cf68vn.win/oLqka/313d18838021ca0/
0
52 KB
Other
General
Full URL
https://cf68vn.win/oLqka/313d18838021ca0/
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/oLqka/313d18838021ca0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:27 GMT
content-encoding
gzip
origin
https://www.fbi.gov
x_forwarded_for
104.16.77.187
x-forwarded-proto
https
x-xss-protection
1; mode=block
server
nginx
x-content-type
nosniff
pragma
no-cache
remote_addr
104.16.77.187
x-forwarded-host
www.fbi.gov
host
www.fbi.gov
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
referer
https://www.fbi.gov
expires
Thu, 19 Nov 1981 08:52:00 GMT
ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
cf68vn.win/oLqka/assets/
0
0
Script
General
Full URL
https://cf68vn.win/oLqka/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash

Request headers

Referer
https://cf68vn.win/oLqka/313d18838021ca0/
Origin
https://cf68vn.win
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://cf68vna.asia/wp-json/>; rel="https://api.w.org/"
content-length
7032
expires
Wed, 11 Jan 1984 05:00:00 GMT
logos.svg
cf68vn.win/oLqka/assets/img/
4 KB
2 KB
Image
General
Full URL
https://cf68vn.win/oLqka/assets/img/logos.svg
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/oLqka/313d18838021ca0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:23 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 21:33:07 GMT
server
nginx
etag
W/"6192d213-e43"
vary
Accept-Encoding
content-type
image/svg+xml
sec.svg
cf68vn.win/oLqka/assets/img/
2 KB
797 B
Image
General
Full URL
https://cf68vn.win/oLqka/assets/img/sec.svg
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/oLqka/313d18838021ca0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:23 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 21:33:07 GMT
server
nginx
etag
W/"6192d213-638"
vary
Accept-Encoding
content-type
image/svg+xml
ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
cf68vn.win/oLqka/assets/
0
0
Script
General
Full URL
https://cf68vn.win/oLqka/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash

Request headers

Referer
https://cf68vn.win/oLqka/313d18838021ca0/
Origin
https://cf68vn.win
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://cf68vna.asia/wp-json/>; rel="https://api.w.org/"
content-length
7032
expires
Wed, 11 Jan 1984 05:00:00 GMT
css.css
cf68vn.win/oLqka/assets/css/
0
24 KB
Other
General
Full URL
https://cf68vn.win/oLqka/assets/css/css.css
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/oLqka/313d18838021ca0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:23 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 21:33:07 GMT
server
nginx
etag
W/"6192d213-1a3c0"
vary
Accept-Encoding
content-type
text/css
prefetch.html
cf68vn.win/oLqka/assets/ Frame 3120
24 KB
7 KB
Document
General
Full URL
https://cf68vn.win/oLqka/assets/prefetch.html
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
367f6d9d1ddc450708c143af85ac954e0b56e54225c8cb5771b63588da4f72cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/oLqka/313d18838021ca0/

Response headers

server
nginx
date
Tue, 16 Nov 2021 02:54:24 GMT
content-type
text/html; charset=UTF-8
content-length
7032
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://cf68vna.asia/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding,User-Agent
content-encoding
gzip
bk.svg
cf68vn.win/oLqka/assets/img/
2 KB
823 B
Image
General
Full URL
https://cf68vn.win/oLqka/assets/img/bk.svg
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/oLqka/313d18838021ca0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:23 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 21:33:07 GMT
server
nginx
etag
W/"6192d213-748"
vary
Accept-Encoding
content-type
image/svg+xml
develop.css
cf68vna.asia/wp-content/themes/flatsome/assets/develop/css/ Frame 3120
2 KB
876 B
Stylesheet
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome/assets/develop/css/develop.css?ver=5.8.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
4fab3eaec2b3b1d28b9e90348d4c3d27ed169fe7f95f7dec2e965871f9d3d33d
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:04 GMT
server
HOSTVN.NET
etag
W/"615e8780-804"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
style.min.css
cf68vna.asia/wp-includes/css/dist/block-library/ Frame 3120
79 KB
10 KB
Stylesheet
General
Full URL
https://cf68vna.asia/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
af6e88bf9133a466da766b44b040840cb2b9e3747ba1e6b96a277b35df5cf8cb
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:54 GMT
server
HOSTVN.NET
etag
W/"615e87b2-13ac8"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
styles.css
cf68vna.asia/wp-content/plugins/contact-form-7/includes/css/ Frame 3120
2 KB
1021 B
Stylesheet
General
Full URL
https://cf68vna.asia/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
24c09a0ea660914ff224ff7d113765e47aa4ba8ef394a941724e9571d21c0161
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:36:47 GMT
server
HOSTVN.NET
etag
W/"615e876f-741"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
dashicons.min.css
cf68vna.asia/wp-includes/css/ Frame 3120
58 KB
35 KB
Stylesheet
General
Full URL
https://cf68vna.asia/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
128e27fe89ce384324a1b93577abd5f36833e6f8c29b0547370655dfae9646a0
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:53 GMT
server
HOSTVN.NET
etag
W/"615e87b1-e689"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 3120
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.8.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
5874419
cdn-cachedat
2021-07-24 08:09:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9d557c6a9398a657e063aa31b037ba88
cf-ray
6aed6f3b2ea93760-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
fl-icons.css
cf68vna.asia/wp-content/themes/flatsome/assets/css/ Frame 3120
329 B
583 B
Stylesheet
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
2d2894eb4ee3f14993b943ee6f044c9c2b2759c225439ae15b8b9d659ad96757
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:04 GMT
server
HOSTVN.NET
etag
W/"615e8780-149"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
flatsome.css
cf68vna.asia/wp-content/themes/flatsome/assets/css/ Frame 3120
134 KB
26 KB
Stylesheet
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.11.3
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
63b16e2bdc0f9e0ffc434f20733ff5bf5dc510dc9a3f3454787efacd914771e2
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:04 GMT
server
HOSTVN.NET
etag
W/"615e8780-218a6"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
style.css
cf68vna.asia/wp-content/themes/flatsome-child/ Frame 3120
18 KB
5 KB
Stylesheet
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome-child/style.css?ver=1630823439
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
d005fa2d9a22a5bd91ccba08d30a6b3d82cca7ab79520664097c03e490ea9174
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Oct 2021 10:41:20 GMT
server
HOSTVN.NET
etag
W/"6177db50-49c1"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
css
fonts.googleapis.com/ Frame 3120
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2Cregular%2C500%7CDancing+Script%3Aregular%2Cdefault&display=swap&ver=3.9
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df1c0728bc7a6e1f290f000f4b64474cad87a04b19c5ca44163a0a738ede27b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 02:54:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Nov 2021 02:54:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Nov 2021 02:54:24 GMT
jquery.min.js
cf68vna.asia/wp-includes/js/jquery/ Frame 3120
87 KB
30 KB
Script
General
Full URL
https://cf68vna.asia/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
fa01a88ab1ad3f2d9dfbe0f4cef276a854b3630c58dab548030b0d99806aaeae
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:38:02 GMT
server
HOSTVN.NET
etag
W/"615e87ba-15db3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
jquery-migrate.min.js
cf68vna.asia/wp-includes/js/jquery/ Frame 3120
11 KB
4 KB
Script
General
Full URL
https://cf68vna.asia/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
d301bad6e867bd0803600fb51a818a777655abe5513a2e9ac1128502d93f09ac
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:38:02 GMT
server
HOSTVN.NET
etag
W/"615e87ba-2bda"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
js
www.googletagmanager.com/gtag/ Frame 3120
163 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2SLRV26GNP
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85c506365188b2b0e2ff1399b2c427250dce838ad63fee38ffee9f81ea23bb2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61775
x-xss-protection
0
expires
Tue, 16 Nov 2021 02:54:25 GMT
cf68-club-logo.png
kubet771.win/wp-content/uploads/2021/09/ Frame 3120
0
0
Image
General
Full URL
https://kubet771.win/wp-content/uploads/2021/09/cf68-club-logo.png
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

scripts.js
cf68vna.asia/wp-content/plugins/contact-form-7/includes/js/ Frame 3120
15 KB
4 KB
Script
General
Full URL
https://cf68vna.asia/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
c9f30a341799dcc4a8944ba59d2468bf3148fb79afa381dd7055a57150eefd34
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:36:47 GMT
server
HOSTVN.NET
etag
W/"615e876f-3a76"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
flatsome-live-search.js
cf68vna.asia/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ Frame 3120
16 KB
5 KB
Script
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.11.3
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
c8be16604c20ab5d5895a6678da49477ea7ec12528234be9119b36f118b9d4e2
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:26 GMT
server
HOSTVN.NET
etag
W/"615e8796-3e52"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
hoverIntent.min.js
cf68vna.asia/wp-includes/js/ Frame 3120
1 KB
1 KB
Script
General
Full URL
https://cf68vna.asia/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
9cc091113ba53c972c78aa6b57c90f801af6f53f8738f569d29e5320cc1ccf65
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:57 GMT
server
HOSTVN.NET
etag
W/"615e87b5-5c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
flatsome.js
cf68vna.asia/wp-content/themes/flatsome/assets/js/ Frame 3120
167 KB
47 KB
Script
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.11.3
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
235f3e116faa1ffe83d218eca7bc96e5700ee56e815eb19c6cf6494f69e1acf4
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:05 GMT
server
HOSTVN.NET
etag
W/"615e8781-29d4c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
flatsome-lazy-load.js
cf68vna.asia/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/ Frame 3120
2 KB
1001 B
Script
General
Full URL
https://cf68vna.asia/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.11.3
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
518554fd95fd15625f00ef1dafaf27bcd4e01905c6fd556095fe72de663322a6
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:26 GMT
server
HOSTVN.NET
etag
W/"615e8796-98c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
wp-embed.min.js
cf68vna.asia/wp-includes/js/ Frame 3120
1 KB
1 KB
Script
General
Full URL
https://cf68vna.asia/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
fddba483a4615f2ef1f989bdd2c0a3f783ef7c56bbc7b5f913819b368c86cc89
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:57 GMT
server
HOSTVN.NET
etag
W/"615e87b5-593"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
wp-emoji-release.min.js
cf68vna.asia/wp-includes/js/ Frame 3120
18 KB
5 KB
Script
General
Full URL
https://cf68vna.asia/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/assets/prefetch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.148.79.137 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
207.148.79.137.vultr.com
Software
HOSTVN.NET /
Resource Hash
12c914b2de0994b91d24103625cffd72154df8f8d53b4aed8cd429bc679a1918
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://cf68vn.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Oct 2021 05:37:57 GMT
server
HOSTVN.NET
etag
W/"615e87b5-4709"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
"1; mode=block" always
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
expires
Wed, 16 Nov 2022 02:54:25 GMT
ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
cf68vn.win/oLqka/assets/
0
0
Script
General
Full URL
https://cf68vn.win/oLqka/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Requested by
Host: cf68vn.win
URL: https://cf68vn.win/oLqka/313d18838021ca0/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.14.233.82 Ho Chi Minh City, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
no-ptr.123host.vn
Software
nginx /
Resource Hash

Request headers

Referer
https://cf68vn.win/oLqka/313d18838021ca0/
Origin
https://cf68vn.win
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 02:54:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://cf68vna.asia/wp-json/>; rel="https://api.w.org/"
content-length
7032
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
www.google-analytics.com/g/ Frame 3120
0
344 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2SLRV26GNP&gtm=2oeba1&_p=1751403945&sr=1600x1200&ul=en-us&cid=451637402.1637031266&_s=1&dl=https%3A%2F%2Fcf68vn.win%2FoLqka%2Fassets%2Fprefetch.html&dr=https%3A%2F%2Fcf68vn.win%2FoLqka%2F313d18838021ca0%2F&dt=Page%20not%20found%20-%20CF68&sid=1637031265&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2SLRV26GNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf68vn.win/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 16 Nov 2021 02:54:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf68vn.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| $Debug
object| $Do
function| $Loader
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| StringRepository
object| PROOF
boolean| __

3 Cookies

Domain/Path Name / Value
cf68vn.win/ Name: PHPSESSID
Value: 8f40boe05til1ju6bvkstbolub
.cf68vn.win/ Name: _ga
Value: GA1.1.451637402.1637031266
.cf68vn.win/ Name: _ga_2SLRV26GNP
Value: GS1.1.1637031265.1.0.1637031266.0

9 Console Messages

Source Level URL
Text
network error URL: https://cf68vn.win/oLqka/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cf68vn.win/oLqka/assets/prefetch.html
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cf68vn.win/oLqka/assets/prefetch.html
Message:
Mixed Content: The page at 'https://cf68vn.win/oLqka/assets/prefetch.html' was loaded over HTTPS, but requested an insecure element 'http://kubet771.win/wp-content/uploads/2021/09/cf68-club-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cf68vn.win/oLqka/assets/prefetch.html
Message:
Mixed Content: The page at 'https://cf68vn.win/oLqka/assets/prefetch.html' was loaded over HTTPS, but requested an insecure element 'http://kubet771.win/wp-content/uploads/2021/09/cf68-club-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://cf68vn.win/oLqka/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cf68vn.win/oLqka/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cf68vn.win/oLqka/assets/prefetch.html
Message:
Mixed Content: The page at 'https://cf68vn.win/oLqka/assets/prefetch.html' was loaded over HTTPS, but requested an insecure element 'http://kubet771.win/wp-content/uploads/2021/09/cf68-club-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cf68vn.win/oLqka/assets/prefetch.html
Message:
Mixed Content: The page at 'https://cf68vn.win/oLqka/assets/prefetch.html' was loaded over HTTPS, but requested an insecure element 'http://kubet771.win/wp-content/uploads/2021/09/cf68-club-logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://kubet771.win/wp-content/uploads/2021/09/cf68-club-logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
