URL: https://nromt.fun/
Submission: On December 21 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 103.252.137.187, located in Viet Nam and belongs to MEGACORE-AS-VN Megacore Technology Company Limited, VN. The main domain is nromt.fun.
TLS certificate: Issued by R3 on December 21st 2023. Valid for: 3 months.
This is the only time nromt.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.252.137.187 140810 (MEGACORE-...)
1 146.75.36.193 54113 (FASTLY)
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
15 6
Apex Domain
Subdomains
Transfer
10 ngocrongonline.com
ngocrongonline.com
485 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 teamobi.com
my.teamobi.com
1 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7364
527 KB
1 nromt.fun
nromt.fun
6 KB
15 5
Domain Requested by
10 ngocrongonline.com nromt.fun
1 www.google-analytics.com nromt.fun
1 my.teamobi.com nromt.fun
1 i.imgur.com nromt.fun
1 nromt.fun
15 5

This site contains links to these domains. Also see Links.

Domain
ngocrongonline.com
id.nromt.fun
27.0.14.78
www.mediafire.com
nrovip.top
teamobi.com
Subject Issuer Validity Valid
nromt.fun
R3
2023-12-21 -
2024-03-20
3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-13 -
2024-03-12
a year crt.sh
ngocrongonline.com
E1
2023-11-05 -
2024-02-03
3 months crt.sh
teamobi.com
E1
2023-11-29 -
2024-02-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://nromt.fun/
Frame ID: 74BB9E1A4D6D85ECA66A919EFF60DE52
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Trang chủ nromtnromt - Ngọc Rồng MMT

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

15
Requests

93 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

1040 kB
Transfer

1078 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nromt.fun/
18 KB
6 KB
Document
General
Full URL
https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.252.137.187 , Viet Nam, ASN140810 (MEGACORE-AS-VN Megacore Technology Company Limited, VN),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
ab4d4e043caf42218576b829eb13286cb67dc75b30a2fd8c8200d23666d9dd31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
5377
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 17:46:18 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
jdpWKE7.png
i.imgur.com/
526 KB
527 KB
Image
General
Full URL
https://i.imgur.com/jdpWKE7.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
acbf55c0c54f2048999f856db3b87a05388908d12a62af349e8bd63920aa2bac
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:18 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
27269
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
538863
x-served-by
cache-iad-kcgs7200025-IAD
last-modified
Thu, 21 Dec 2023 10:11:49 GMT
server
cat factory 1.0
x-timer
S1703180779.561959,VS0,VE3
etag
"cc0d83581ce34554372b7a0baea736b3"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5HlL0E7nB33Pn00KYtAPzPUD3rq3rStYXhzhkHtmRqs7WrtWJpuIUg==
x-cache-hits
1
banner_2.png
ngocrongonline.com/images/
119 KB
120 KB
Image
General
Full URL
https://ngocrongonline.com/images/banner_2.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8af64b51c6d55e0aae2be20340a21c31faa3bc73e869c551c6b95e353acff5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 25 May 2015 21:16:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0cd531d3097d01:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txCi48mmY3tdnUrrulxvX6MDO68JStbB6XlPf%2FKeSTAautgnBBl3VqqzWTWeCQVWYa%2BgRo1qm6i8bjIhLjd4kX8EGVdrwAAkqJAiAVkgx74wAM15selLK7hBLkVGvUc%2BaXeNaf7gcvVpeW%2F9VyXD%2B3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8d4da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
122215
jar.png
ngocrongonline.com/images/
2 KB
3 KB
Image
General
Full URL
https://ngocrongonline.com/images/jar.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcbe76c9c4d0fabcc97c4fa107f441fd5fd12add72fae38d5e56174292a671a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 11 Jan 2014 17:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"086fd69f6ecf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f67UEC0DfciAFjiEQsySKa%2BeqCXlHsRsMAbXwYc1Auehk%2FxF9OVQBJvYARFffK2fj6twh5E%2FDPhDYStQbL%2BOU1RQPp9ieO99SmyJdjmDEsjEhWe3YCcKNQZgpdQxJMPht%2B%2BST37Jo9DCh4fqXhXIMfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8d5da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
2538
android.png
ngocrongonline.com/images/
3 KB
3 KB
Image
General
Full URL
https://ngocrongonline.com/images/android.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbc31372e7c4ff78a24159affc40157414cef4294e4c158e1533a3848994fec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 11 Jan 2014 17:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"086fd69f6ecf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdILc%2BrOZajePCq3KbCDPf2flKGiV7ry03RybcWkqFySdV4EzhpBIwqd1Se%2FUowDrSQCZkDl%2F9TznehOodEuP4EweGj91tF0dKE1l8CtzZZwuT29bK3hvkXJFOPzyBNGqVqimX2wt2Hl2MDDrvDHc%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8d6da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
3249
play.png
ngocrongonline.com/images/
3 KB
4 KB
Image
General
Full URL
https://ngocrongonline.com/images/play.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fff440c732575dd7618f5351b3120a4371d7527abcc8e4c776008d6b774f910

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 09 Jan 2014 23:40:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"013d43794dcf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSRbPSuyxShKmNBmrtroFgKDmGQlKfHxiooaCxCskfll5LA8aBVZpCtjRgxTQU%2BEYqx5yNL2zmza8Ew0641t41irDpxQ%2FLcFMYXs8UszydemVEFTyF%2Fsd2gSKhBZzg2g6G1Nt2jGGfb4WeNBlKLokh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8d3da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
3505
pc.png
ngocrongonline.com/images/
3 KB
3 KB
Image
General
Full URL
https://ngocrongonline.com/images/pc.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5e48e865ce2ff1a301a091b6fb32214101dc927d7de3fa81aba2ddf5b8b203

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 04 Dec 2013 23:31:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0bc21f948f1ce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSoEyLzRv5sQMvoAa9bvPpeMnRtHgVk0C3X3K1yhppzZz7iCfijN1WwYn9qoBaj8JjeKan%2BXjvy3Am6MqMuaroLazJu9bJdj9JshsaFb6w46SSKFsjYPpppznYpqg%2FTmUF12LUUMzKcO2phld9cDEh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8d1da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
3058
wp.png
ngocrongonline.com/images/
3 KB
4 KB
Image
General
Full URL
https://ngocrongonline.com/images/wp.png
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e852e557ddbed01b0a2516134e77329d9ef6d29dcbcf26274c78b94b707f63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Nov 2013 22:29:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0d25ded3fe6ce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5MdQ65vTIP2lM0S5%2FRjOa20BhMH1FNPPxafLl6ihTRI%2Bc4N2sGPLyG0P3%2BRPqGn9iLFesESqt5kFS0hxGGuRRBwL86t%2Bvku7p6Wfj8BWEzwuSdX94vxfdm2uDYZu72Qt7OYE3ojMn118V%2BnGDCB2eA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8cfda9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
3526
new.gif
my.teamobi.com/images/
1 KB
1 KB
Image
General
Full URL
https://my.teamobi.com/images/new.gif
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:875d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f3b8ed254e3e967cdce3793c90486fe7e9c386414af62eaaadacd7195f3c5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 02 May 2013 07:05:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"050b95e347ce1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq17HjDv42oBozHrC3PqP292W%2BXVuTIJMYpdw30FIaKSIEQcwIf%2BrvLxqGSVWkzIua4oCNMOxLwmKAUT8YKE0xnQlDiLxe1%2FI1SukJBzGxZCc3J%2F%2FZyUassE0FvgDpclCpzjk1lXeinau%2FOADA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199ccd43dd7-MIA
alt-svc
h3=":443"; ma=86400
content-length
1024
TD_Danhthuong.gif
ngocrongonline.com/gif/
84 KB
84 KB
Image
General
Full URL
https://ngocrongonline.com/gif/TD_Danhthuong.gif
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e690f8b6bda90179dc436c824cfb51420465e59b90440cc33b74355a053202fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Jun 2014 15:54:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"033a1c71f87cf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k98aKpB56mEOtGwoSn0dOYjziyWZNlqRA4NWaP7RgmXaHATE5858D%2F%2FUcNSqkRTrm5awJFL8M40m02tfnDwz7z44zrx3OQJ4K09qNIDpcjnAufQ%2FKL%2FR1MdjhTEjWHsIzsMf%2BGmQci56pnk%2FmDjAH8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199d900da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
85730
XayDa_DanhThuong.gif
ngocrongonline.com/gif/
81 KB
81 KB
Image
General
Full URL
https://ngocrongonline.com/gif/XayDa_DanhThuong.gif
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e989e7621dbe15e391a8963c9d08e700b1857f5e95ae9f21ef7876c602215294

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Jun 2014 15:56:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0fd3b32087cf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=winaCwGmtklTKqJJGdJqZn5n8bKaLVyhyeto8QkHNoJcUamXBCvnSvnuDqI9Iy8fLjbTIU3M%2BhKOuPS8q1HX7nn90Qr8noLmoVkCvZ63iPJaz0%2FBEab82MLz0r4AlaRqBPzLKLfg7VbKPKcoolMNVU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8d8da9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
82994
XD_Kame.gif
ngocrongonline.com/gif/
80 KB
80 KB
Image
General
Full URL
https://ngocrongonline.com/gif/XD_Kame.gif
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69ef0bd222ac838e670244fc74b20c3c32474f518428cec67f674d942be90ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 24 May 2014 18:30:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"070174d7e77cf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3CbtrdZwmZdvl4Sfr0qJa3iETieTNUOflEj2UYytT%2FyQarc2nx1up9uW%2FejCnSFl9b9q7zPENJjohLH2SXa%2BJwF1WmCdnOB5UKGKNOCou5TYkqOZZldMEqujwaXySIlqrftJN5aIJbixvBR%2BCGkMbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199a8ccda9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
81941
TD_kaioshen.gif
ngocrongonline.com/gif/
101 KB
102 KB
Image
General
Full URL
https://ngocrongonline.com/gif/TD_kaioshen.gif
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c7800e873b606ec9dced7ec2402c1f6d36945fb24ff67e3111327f3b3f265a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:46:19 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 26 May 2014 17:50:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"098de1b79cf1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BniT1ZJ7Q4OX0aRgNuUjLphRvQ6ZObSEXDLuMn4vF2opiPGARHprqEAuYF4jRz5LImp4kz1kEQSX1GSe5duQD2fcbxyOddJ5NeLd1qKLP0nJaxsy0E9JGGHWw2gxsjh3YaQ5CSFmqEYlwBqAqSr%2BNWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8391f199d8fcda9f-MIA
alt-svc
h3=":443"; ma=86400
content-length
103513
template.css
ngocrongonline.com/css/
0
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nromt.fun
URL: https://nromt.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nromt.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Dec 2023 17:16:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1778
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Dec 2023 19:16:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ngocrongonline.com
URL
http://ngocrongonline.com/css/template.css

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

25 Console Messages

Source Level URL
Text
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/banner_2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/jar.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/android.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/play.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/pc.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/wp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://my.teamobi.com/images/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://my.teamobi.com/images/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/TD_Danhthuong.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/XayDa_DanhThuong.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/XD_Kame.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/TD_kaioshen.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://nromt.fun/(Line 14)
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure stylesheet 'http://ngocrongonline.com/css/template.css'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/banner_2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/jar.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/android.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/play.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/pc.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/images/wp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://my.teamobi.com/images/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://my.teamobi.com/images/new.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/TD_Danhthuong.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/XayDa_DanhThuong.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/XD_Kame.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nromt.fun/
Message:
Mixed Content: The page at 'https://nromt.fun/' was loaded over HTTPS, but requested an insecure element 'http://ngocrongonline.com/gif/TD_kaioshen.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html