xemlivehaynhat.click Open in urlscan Pro
172.96.185.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xemlivehaynhat.click/
Submission: On March 09 via api (March 9th 2024, 9:20:39 am UTC) from BE — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 30 HTTP transactions. The main IP is 172.96.185.222, located in Hong Kong and belongs to LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK. The main domain is xemlivehaynhat.click.
TLS certificate: Issued by R3 on February 2nd 2024. Valid for: 3 months.

This is the only time xemlivehaynhat.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.96.185.222 172.96.185.222	133752 (LEASEWEB-...) (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd.)
7	123.30.242.13 123.30.242.13	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
1	14.225.10.21 14.225.10.21	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
10	123.30.242.10 123.30.242.10	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	172.96.185.220 172.96.185.220	133752 (LEASEWEB-...) (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd.)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
30	12

1 172.96.185.222 (Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
PTR: 172.96.185.222-static.reverse.arandomserver.com

xemlivehaynhat.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 123.30.242.13 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn

static.mediacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.225.10.21 (Hanoi, Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn

adminplayer.sohatv.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 123.30.242.10 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn

nld.mediacdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.96.185.220 (Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
PTR: 172.96.185.220-static.reverse.arandomserver.com

mongemhp.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mediacdn.vn static.mediacdn.vn — Cisco Umbrella Rank: 60447 nld.mediacdn.vn — Cisco Umbrella Rank: 208448	468 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
2	mongemhp.click mongemhp.click
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	151 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	48 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7986	21 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
1	sohatv.vn adminplayer.sohatv.vn — Cisco Umbrella Rank: 44466	10 KB
1	xemlivehaynhat.click xemlivehaynhat.click	9 KB
30	9

	Domain	Requested by
10	nld.mediacdn.vn	xemlivehaynhat.click
7	static.mediacdn.vn	xemlivehaynhat.click static.mediacdn.vn
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mongemhp.click	xemlivehaynhat.click
2	www.googletagmanager.com	xemlivehaynhat.click www.googletagmanager.com
2	cdn.jsdelivr.net	xemlivehaynhat.click
1	region1.google-analytics.com	www.googletagmanager.com
1	i.imgur.com	xemlivehaynhat.click
1	code.jquery.com	xemlivehaynhat.click
1	adminplayer.sohatv.vn	xemlivehaynhat.click
1	xemlivehaynhat.click
30	11

This site contains no links.

Subject Issuer	Validity	Valid
www.livetinhyeuhi.click R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.mediacdn.vn AlphaSSL CA - SHA256 - G4	`2023-06-01` - `2024-07-02`	a year	crt.sh
*.sohatv.vn Sectigo RSA Domain Validation Secure Server CA	`2023-10-20` - `2024-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
mongemhpg.click R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://xemlivehaynhat.click/
Frame ID: D99024B4C1B137DC711E20A341A43951
Requests: 28 HTTP requests in this frame

Frame: https://mongemhp.click/1.mp4
Frame ID: CA898DFF1E7BAFEE50FCAF6B1115C6A1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Để Xem: 8 phút sau chia tay của hót tik.took bản FuII dành cho ai chưa xem.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

30
Requests

100 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

758 kB
Transfer

1814 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xemlivehaynhat.click/ 45 KB
9 KB 1868ms
257ms Document
text/html 172.96.185.222
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://xemlivehaynhat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.185.222 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS: 172.96.185.222-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: f545807a2dd097d07e73b2cd3fe8a2e1b41988feb627eff1a1d06bd8b5ad3520

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 09:20:30 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 detail-03062021v1.min.css
static.mediacdn.vn/nld/min/ 194 KB
41 KB 1449ms
552ms Stylesheet
text/css 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.1af598a2e57e14f4ff7ab4316fc01857 /

Resource Hash

f82be9132e6fa9f058c5461548b0e4ee64423a5e59775f0e285c0bb32160859b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Feb 2024 08:22:00 GMT
server: VCCloud CDN / 247.1af598a2e57e14f4ff7ab4316fc01857
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 playerInitScript.js Show response
adminplayer.sohatv.vn/resource/init-script/ 25 KB
10 KB 1394ms
273ms Script
application/javascript 14.225.10.21
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://adminplayer.sohatv.vn/resource/init-script/playerInitScript.js
Requested by: Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 14.225.10.21 Hanoi, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS: static.vnpt.vn
Software: / X3-PLAYER
Resource Hash: 2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-response-time: 0.984ms
date: Sat, 09 Mar 2024 09:20:31 GMT
content-encoding: gzip
x-powered-by: X3-PLAYER
etag: W/"64e6-AlsgVvW/MvfywaUw1cv7LgBWh9A"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
x-content-length: 25830
x-host-name: admin-player

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 42ms
22ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8396933
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230102-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoMtHFoxynxewZpcKfmRimy%2B3JUGTdgR%2BqsyhpfkVm0cux3cvDl2y1OBnCbpkTF%2F9u24E5cM4u9FTh74en7aRHMba8nye83pOJi%2FWbX9RlkueIYsvhZ%2BjjAmpMLxrw43E3FkoNjpdjl80%2BxqSkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8619fd4f59f08eb7-FRA

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 40ms
10ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 11521343
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-fra-eddf8230138-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709976031.627291,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 845358

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
22 KB 47ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8647703
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220070-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9rJxArySALQgpOAxwJDDANLvBE88ps7sz0UxWh9DinaOkkNP2bUzM%2BQBSBEizOMyAs1e5muR8DgNntj1GlRepKqkd1s%2BlbhGHv8w0bryN4P9GZS1dv32j2XDRDCIxHNUQBdT3%2B86BgeaZEqLT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8619fd4f59f48eb7-FRA

GET
H2 200 4U2AHRY_d.jpg
i.imgur.com/ 21 KB
21 KB 36ms
8ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/4U2AHRY_d.jpg?maxwidth=520&shape=thumb&fidelity=high

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

60b7372c928cebd34bb4da0ffc3228b25b377f5b30902ccbc7698a57ddaf3200

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:30 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 901360
x-cache: HIT, HIT
content-length: 21017
x-served-by: cache-iad-kiad7000061-IAD, cache-fra-etou8220027-FRA
last-modified: Tue, 27 Feb 2024 22:57:51 GMT
server: cat factory 1.0
x-timer: S1709976031.625631,VS0,VE2
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 icon-print-3.png
nld.mediacdn.vn/web_images/ 8 KB
8 KB 1162ms
283ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/web_images/icon-print-3.png

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.1f8447273c84343311b87c074233c749 /

Resource Hash

f6da75a24824c31012d6bf878356e65f920cace159a738582fd022ab09fb1bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Nov 2023 21:18:30 GMT
server: VCCloud CDN / 247.1f8447273c84343311b87c074233c749
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 7728
x-xss-protection: 1; mode=block

GET
H2 200 z281705496045606001cc4ebf0c604af65e2552abd0a0b-16333462809181815756677.jpg
nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/4/ 11 KB
11 KB 1374ms
535ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/4/z281705496045606001cc4ebf0c604af65e2552abd0a0b-16333462809181815756677.jpg

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.6ed4d22ce18a8386899295d14f65e6c1 /

Resource Hash

b867e7ebedc405050d5bf1d298928b464a85ec4f285e7f07005f65163f06aad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 09:05:11 GMT
server: VCCloud CDN / 247.6ed4d22ce18a8386899295d14f65e6c1
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 11172
x-xss-protection: 1; mode=block

GET
H2 200 base64-16334042104621651172903.png
nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/5/ 34 KB
34 KB 480ms
480ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/5/base64-16334042104621651172903.png

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.0d75ee493a93d0c47c1b06829d93b2c6 /

Resource Hash

26f136266dd8252dbf2f75dbbb5d9afb32f9a25eb15cad786b8405c1813972a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Jan 2024 09:21:17 GMT
server: VCCloud CDN / 247.0d75ee493a93d0c47c1b06829d93b2c6
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 34386
x-xss-protection: 1; mode=block

GET
H2 200 base64-163334028560814800763.png
nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/4/ 23 KB
23 KB 472ms
472ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/4/base64-163334028560814800763.png

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.e9ac586b5d18a6f8991700435df9d03e /

Resource Hash

c2d9d85bc906906634412f035aefeadb4a057637b586968dadbda10c39a8e3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2023 06:29:48 GMT
server: VCCloud CDN / 247.e9ac586b5d18a6f8991700435df9d03e
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 23402
x-xss-protection: 1; mode=block

GET
H2 200 lamgif631-1633355329206331628766.gif
nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/4/ 13 KB
13 KB 386ms
385ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/10/4/lamgif631-1633355329206331628766.gif

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.c244a892bcdd7aed5d60fb1ce774c57f /

Resource Hash

54e8223f37c85ed15f4467a14d93d47d7c6019f72c53fa5109f85fefcbb46863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Nov 2023 07:40:06 GMT
server: VCCloud CDN / 247.c244a892bcdd7aed5d60fb1ce774c57f
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 13380
x-xss-protection: 1; mode=block

GET
H2 200 z280287369970825906c6e32ebc489105e641657cbf827-1632905485183914455461.jpg
nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/9/29/ 10 KB
11 KB 487ms
486ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/198_124/291774122806476800/2021/9/29/z280287369970825906c6e32ebc489105e641657cbf827-1632905485183914455461.jpg

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.1a89368e236534494198bca3544793a3 /

Resource Hash

e311a08f36a82eaa293c79a683fc07c46e4fdcb4704f04ed38fe7c59a029d86d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Feb 2024 22:51:20 GMT
server: VCCloud CDN / 247.1a89368e236534494198bca3544793a3
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 10690
x-xss-protection: 1; mode=block

GET
H2 200 lamgif631-16258879445171687263698.gif
nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/7/10/ 6 KB
6 KB 1319ms
1318ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/7/10/lamgif631-16258879445171687263698.gif

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.483352bbb2327a40dbd27b1ed66a57a0 /

Resource Hash

d2f2865c52a9fb4977884a71ebba5823b3c9d95b391262df6e08b8e9d8918f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:33 GMT
x-content-type-options: nosniff
server: VCCloud CDN / 247.483352bbb2327a40dbd27b1ed66a57a0
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
xcache-created-at: Saturday, 09-Mar-2024 16:20:24 +07
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
x-cache: MISS from VCCloud CDN
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 img1303-16257971750851983174371.jpg
nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/7/9/ 20 KB
20 KB 438ms
438ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/7/9/img1303-16257971750851983174371.jpg

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.52cb169a87186987be5c633cb0b130f5 /

Resource Hash

040ea607b6a76b776cbf19dd8765b3994e3abb5a5ea0d8ff4e0227885d84aa7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 10:01:14 GMT
server: VCCloud CDN / 247.52cb169a87186987be5c633cb0b130f5
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 20836
x-xss-protection: 1; mode=block

GET
H2 200 img1223-16252372299451709651519.jpg
nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/7/2/ 9 KB
9 KB 270ms
270ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/7/2/img1223-16252372299451709651519.jpg

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.1b6b2223c81dc0183239c48746b8e396 /

Resource Hash

b0eb46615622d13c34e007e8f3434b1eb2eec4be398bc0383218210a5ca02ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Nov 2023 07:40:06 GMT
server: VCCloud CDN / 247.1b6b2223c81dc0183239c48746b8e396
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 8766
x-xss-protection: 1; mode=block

GET
H2 200 img1119-16250495015841450673833.jpg
nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/6/30/ 26 KB
26 KB 314ms
314ms Image
image/webp 123.30.242.10
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nld.mediacdn.vn/zoom/185_110/291774122806476800/2021/6/30/img1119-16250495015841450673833.jpg

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.5910900bb263b25c71d70236fd4e9b67 /

Resource Hash

f4826bd7a8d57b61e6ca76a55ad516f06fa532e2eb8e882f1792c8700688c9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Feb 2024 08:21:56 GMT
server: VCCloud CDN / 247.5910900bb263b25c71d70236fd4e9b67
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 26920
x-xss-protection: 1; mode=block

GET
H2 200 facebox.css
static.mediacdn.vn/nld/min/ 1 KB
581 B 605ms
604ms Stylesheet
text/css 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mediacdn.vn/nld/min/facebox.css

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.d6e919c2b7c9be06d3329e0d2053268c /

Resource Hash

3e428a2e1d953118964492d99c6ff64f4787e1a16519b5eb3aec2eed0ba1e361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:13:06 GMT
server: VCCloud CDN / 247.d6e919c2b7c9be06d3329e0d2053268c
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 61ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-121903999-1

Requested by

Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66b794d3a899c4e7b6a7ee6266111b9cb1c2f1dd469c00170d752611137371da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 09:20:32 GMT

GET
H2 200 1.mp4
mongemhp.click/ Frame CA89 0
0 1405ms
250ms Document
video/mp4 172.96.185.220
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://mongemhp.click/1.mp4
Requested by: Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.185.220 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS: 172.96.185.220-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://xemlivehaynhat.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3274519
content-type: video/mp4
date: Sat, 09 Mar 2024 09:20:33 GMT
last-modified: Sun, 18 Feb 2024 04:05:08 GMT
server: LiteSpeed

GET
H2 200 spritesV8.png
static.mediacdn.vn/nld/web_images/ 40 KB
40 KB 337ms
337ms Image
image/webp 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mediacdn.vn/nld/web_images/spritesV8.png

Requested by

Host: static.mediacdn.vn
URL: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.fe540801ba1852ac8fec7676a6c0cd89 /

Resource Hash

e47c88ad2dcfb12aed6ee94036211b5a78d3cc80c038e81a8c159d59cba8e7e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 08:51:49 GMT
server: VCCloud CDN / 247.fe540801ba1852ac8fec7676a6c0cd89
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 41014
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Medium.woff2
static.mediacdn.vn/nld/Styles/Fonts/ 65 KB
65 KB 1435ms
858ms Font
application/font-woff2 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mediacdn.vn/nld/Styles/Fonts/Roboto-Medium.woff2

Requested by

Host: static.mediacdn.vn
URL: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 250.0825f8b0132447a780af072c80f629dd /

Resource Hash

998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css
Origin: https://xemlivehaynhat.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Nov 2023 08:16:50 GMT
server: VCCloud CDN / 250.0825f8b0132447a780af072c80f629dd
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 66792
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Bold.woff2
static.mediacdn.vn/nld/Styles/Fonts/ 64 KB
65 KB 1136ms
559ms Font
application/font-woff2 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mediacdn.vn/nld/Styles/Fonts/Roboto-Bold.woff2

Requested by

Host: static.mediacdn.vn
URL: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 250.f5b7b5f16aa34108f212558f01daf4ea /

Resource Hash

4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css
Origin: https://xemlivehaynhat.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:18:13 GMT
server: VCCloud CDN / 250.f5b7b5f16aa34108f212558f01daf4ea
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 65972
x-xss-protection: 1; mode=block

GET
H2 200 spritesV4.png
static.mediacdn.vn/nld/web_images/ 30 KB
30 KB 488ms
488ms Image
image/webp 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mediacdn.vn/nld/web_images/spritesV4.png

Requested by

Host: static.mediacdn.vn
URL: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 247.90ca95c59f6df531932eca9d81108111 /

Resource Hash

c56665ab44e1195ecc264958e1a0e7973bd45000ad31d46576328c215d524163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Feb 2024 03:16:55 GMT
server: VCCloud CDN / 247.90ca95c59f6df531932eca9d81108111
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 30680
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Regular.woff2
static.mediacdn.vn/nld/Styles/Fonts/ 64 KB
65 KB 825ms
825ms Font
application/font-woff2 123.30.242.13
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mediacdn.vn/nld/Styles/Fonts/Roboto-Regular.woff2

Requested by

Host: static.mediacdn.vn
URL: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),

Reverse DNS

static.vnpt.vn

Software

VCCloud CDN / 250.4a95cdb6e13376e92e37b0f101173983 /

Resource Hash

8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.mediacdn.vn/nld/min/detail-03062021v1.min.css
Origin: https://xemlivehaynhat.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Feb 2024 06:39:23 GMT
server: VCCloud CDN / 250.4a95cdb6e13376e92e37b0f101173983
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
x-cache: HIT from VCCloud CDN
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length: 65916
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-072R7F4W8F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121903999-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a38bb24550037fc6c84d4f0bbdf4fccdafe1ac6ecc12af87ac851d3b036dc255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 09:20:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 09:20:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121903999-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 07:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5544
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Mar 2024 09:48:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=805011601&t=pageview&_s=1&dl=https%3A%2F%2Fxemlivehaynhat.click%2F&ul=en-us&de=UTF-8&dt=Click%20%C4%90%C3%AA%CC%89%20Xem%3A%208%20phu%CC%81t%20sau%20chia%20tay%20cu%CC%89a%20ho%CC%81t%20tik.took%20ba%CC%89n%20FuII%20da%CC%80nh%20cho%20ai%20ch%C6%B0a%20xem.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=294008180&gjid=1596166594&cid=1837706084.1709976033&tid=UA-121903999-1&_gid=178652959.1709976033&_r=1&gtm=457e4360za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=704556600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xemlivehaynhat.click/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:20:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xemlivehaynhat.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-072R7F4W8F&gtm=45je4360v9106309236za220&_p=1709976032890&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1837706084.1709976033&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1709976032&sct=1&seg=0&dl=https%3A%2F%2Fxemlivehaynhat.click%2F&dt=Click%20%C4%90%C3%AA%CC%89%20Xem%3A%208%20phu%CC%81t%20sau%20chia%20tay%20cu%CC%89a%20ho%CC%81t%20tik.took%20ba%CC%89n%20FuII%20da%CC%80nh%20cho%20ai%20ch%C6%B0a%20xem.&en=page_view&_fv=1&_ss=1&tfd=4280
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-072R7F4W8F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xemlivehaynhat.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:20:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xemlivehaynhat.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CA89 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 1.mp4
mongemhp.click/ Frame CA89 304 KB
0 980ms
980ms Media
video/mp4 172.96.185.220
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://mongemhp.click/1.mp4
Requested by: Host: xemlivehaynhat.click
URL: https://xemlivehaynhat.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.185.220 , Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS: 172.96.185.220-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://mongemhp.click/1.mp4
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-3274518/3274519
date: Sat, 09 Mar 2024 09:20:33 GMT
last-modified: Sun, 18 Feb 2024 04:05:08 GMT
server: LiteSpeed
Content-Length: 3274519
content-type: video/mp4

GET
DATA 200
OK truncated
/ Frame CA89 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CA89 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CA89 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CA89 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CA89 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xemlivehaynhat.click/	1970-01-20 19:01:02	Name: _gid Value: GA1.2.178652959.1709976033
.xemlivehaynhat.click/	1970-01-20 18:59:36	Name: _gat_gtag_UA_121903999_1 Value: 1
.xemlivehaynhat.click/	1970-01-21 04:35:36	Name: _ga_072R7F4W8F Value: GS1.1.1709976032.1.0.1709976032.0.0.0
.xemlivehaynhat.click/	1970-01-21 04:35:36	Name: _ga Value: GA1.1.1837706084.1709976033

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adminplayer.sohatv.vn
cdn.jsdelivr.net
code.jquery.com
i.imgur.com
mongemhp.click
nld.mediacdn.vn
region1.google-analytics.com
static.mediacdn.vn
www.google-analytics.com
www.googletagmanager.com
xemlivehaynhat.click
123.30.242.10
123.30.242.13
14.225.10.21
146.75.120.193
172.96.185.220
172.96.185.222
2001:4860:4802:34::36
2606:4700::6810:5814
2a00:1450:4001:812::2008
2a00:1450:4001:828::200e
2a04:4e42::649
040ea607b6a76b776cbf19dd8765b3994e3abb5a5ea0d8ff4e0227885d84aa7f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
26f136266dd8252dbf2f75dbbb5d9afb32f9a25eb15cad786b8405c1813972a4
2cffcfaacd57b1261f9528bf5cf177907f5dbfc64d5f39796a8bb329e8d1a430
3e428a2e1d953118964492d99c6ff64f4787e1a16519b5eb3aec2eed0ba1e361
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
54e8223f37c85ed15f4467a14d93d47d7c6019f72c53fa5109f85fefcbb46863
60b7372c928cebd34bb4da0ffc3228b25b377f5b30902ccbc7698a57ddaf3200
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
66b794d3a899c4e7b6a7ee6266111b9cb1c2f1dd469c00170d752611137371da
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
998b049e731114e2fa35d65f23fc6e6e153249a4ef328912e3c7c49546e2d207
a38bb24550037fc6c84d4f0bbdf4fccdafe1ac6ecc12af87ac851d3b036dc255
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b0eb46615622d13c34e007e8f3434b1eb2eec4be398bc0383218210a5ca02ec0
b867e7ebedc405050d5bf1d298928b464a85ec4f285e7f07005f65163f06aad7
c2d9d85bc906906634412f035aefeadb4a057637b586968dadbda10c39a8e3f2
c56665ab44e1195ecc264958e1a0e7973bd45000ad31d46576328c215d524163
d2f2865c52a9fb4977884a71ebba5823b3c9d95b391262df6e08b8e9d8918f01
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e311a08f36a82eaa293c79a683fc07c46e4fdcb4704f04ed38fe7c59a029d86d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c88ad2dcfb12aed6ee94036211b5a78d3cc80c038e81a8c159d59cba8e7e7
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f4826bd7a8d57b61e6ca76a55ad516f06fa532e2eb8e882f1792c8700688c9c9
f545807a2dd097d07e73b2cd3fe8a2e1b41988feb627eff1a1d06bd8b5ad3520
f6da75a24824c31012d6bf878356e65f920cace159a738582fd022ab09fb1bfd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82be9132e6fa9f058c5461548b0e4ee64423a5e59775f0e285c0bb32160859b

xemlivehaynhat.click Open in urlscan Pro 172.96.185.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

45 %IPv6

9 Domains

11 Subdomains

12 IPs

4 Countries

758 kBTransfer

1814 kBSize

4 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xemlivehaynhat.click Open in urlscan Pro
172.96.185.222 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

45 %
IPv6

9
Domains

11
Subdomains

12
IPs

4
Countries

758 kB
Transfer

1814 kB
Size

4
Cookies

30 HTTP transactions
6 data transactions