URL: https://lekhang.me/
Submission: On November 05 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 172.67.218.12, located in United States and belongs to CLOUDFLARENET, US. The main domain is lekhang.me.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.
This is the only time lekhang.me was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
5 172.67.218.12 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 123.30.134.233 7643 (VNPT-AS-V...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.140.77 13335 (CLOUDFLAR...)
3 142.250.80.35 15169 (GOOGLE)
21 8
Apex Domain
Subdomains
Transfer
5 lekhang.me
lekhang.me
45 KB
4 googleusercontent.com
lh4.googleusercontent.com — Cisco Umbrella Rank: 842
570 KB
4 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 17648
166 KB
3 gstatic.com
fonts.gstatic.com
71 KB
1 anonyviet.com
anonyviet.com
16 KB
1 nhaccuatui.com
www.nhaccuatui.com — Cisco Umbrella Rank: 224794
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
959 B
0 fptshop.com.vn Failed
fptshop.com.vn Failed
0 websitecuaban.com Failed
websitecuaban.com Failed
21 9
Domain Requested by
5 lekhang.me lekhang.me
4 lh4.googleusercontent.com lekhang.me
4 1.bp.blogspot.com lekhang.me
3 fonts.gstatic.com fonts.googleapis.com
1 anonyviet.com lekhang.me
1 www.nhaccuatui.com lekhang.me
1 fonts.googleapis.com lekhang.me
0 fptshop.com.vn Failed lekhang.me
0 websitecuaban.com Failed lekhang.me
21 9

This site contains no links.

Subject Issuer Validity Valid
lekhang.me
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
misc-sni.blogspot.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.nhaccuatui.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-03 -
2025-02-02
a year crt.sh
*.googleusercontent.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
anonyviet.com
WE1
2024-10-01 -
2024-12-30
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 2 frames:

Primary Page: https://lekhang.me/
Frame ID: D24B4FEE79583744165DD26575CBE13E
Requests: 20 HTTP requests in this frame

Frame: https://www.nhaccuatui.com/bai-hat/chuyen-cu-bo-qua-bich-phuong.xY56LWaPbGG4.html
Frame ID: 60D599B9A7389659F6B870AE985D71D9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Đếm ngược đến Tết Ất Tỵ 2025 - Sắp Tết!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

43 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

869 kB
Transfer

960 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lekhang.me/
39 KB
9 KB
Document
General
Full URL
https://lekhang.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af528fa3eb2718e27d6a7b89a93209569e3e7957702685749281979226ab6c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8de0aa71df5e67bd-MIA
content-encoding
br
content-type
text/html
date
Tue, 05 Nov 2024 23:36:25 GMT
last-modified
Fri, 18 Nov 2022 03:59:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SoXEMz620SLDDWyVjOVKM3ePVAN%2Fq4C%2FQkUdyR%2F2aTJA4Zsk%2BLPh9sVBZw7VKTaquoH1I7Uws18%2BWB%2BMTmwxpqPd%2BlOzAsGILkRrRif%2BY3wD6KOTnlpL5X1FZ2O"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31772&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4272&recv_bytes=4527&delivery_rate=494&cwnd=12000&unsent_bytes=0&cid=b3dbf275a4b83627&ts=853&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
jquery-3.2.1.min.js
lekhang.me/
85 KB
31 KB
Script
General
Full URL
https://lekhang.me/jquery-3.2.1.min.js
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c54833cfb9b63455e0d3d6e102fceb691244f89d2738abf89ddb2ea2c5313d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESwdy61Gt7lQ5fJLMlnp0C7NMK5nySZhO289jfIU8BlHve7wcTJCNgwTT5gDB9JF0j%2Fszm4F6XFIIkrJ3z4C0%2BRwclSAwoaTV7AasheWeu9UXJrCXzGernEECwt9"}],"group":"cf-nel","max_age":604800}
cf-ray
8de0aa770ff567bd-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34391&sent=27&recv=20&lost=0&retrans=0&sent_bytes=17505&recv_bytes=5637&delivery_rate=4299&cwnd=12000&unsent_bytes=0&cid=b3dbf275a4b83627&ts=1924&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 23:36:26 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Fri, 04 Sep 2020 08:23:02 GMT
vary
Accept-Encoding
server
cloudflare
js.js
lekhang.me/
3 KB
2 KB
Script
General
Full URL
https://lekhang.me/js.js
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c1ca4103682b0b3c7575b18267145d9df3ecd722eb57cea54c24231012f46f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtfXXFmTgzMJPnEZ0zaCtZqdPo36%2F2%2F5wqqlqsS970yNEWmApBNWkPTbv7lCO4QLtqjUvNtiaW%2F7odHyYHjQTBDHhdO7xcvwzGmb8107iMRdM%2BkRvyXhtIumkT04"}],"group":"cf-nel","max_age":604800}
cf-ray
8de0aa770ffb67bd-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31632&sent=23&recv=18&lost=0&retrans=0&sent_bytes=14117&recv_bytes=5551&delivery_rate=313519&cwnd=12000&unsent_bytes=0&cid=b3dbf275a4b83627&ts=1657&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 23:36:26 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Tue, 11 Dec 2018 07:28:58 GMT
vary
Accept-Encoding
server
cloudflare
phaohoa.css
lekhang.me/
9 KB
2 KB
Script
General
Full URL
https://lekhang.me/phaohoa.css
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40f9dcfbc67c18391e7d6f692c36a8a802c262b3c66f042a4c8abdc6371de56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8VXTydhG2qtFieLv6EvCqou4%2FV%2Bae%2F4Nakoenb4zRp1G9U7PulE%2Be0Wkj9E55sQFF1tQXESMnd5kPYL1k%2F8IyOWE8YYxgRYUOiGfIcS9YKrr%2BkeJRnm4z4PTxAH"}],"group":"cf-nel","max_age":604800}
cf-ray
8de0aa770ffc67bd-MIA
expires
Tue, 12 Nov 2024 23:36:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31632&sent=25&recv=18&lost=0&retrans=0&sent_bytes=15793&recv_bytes=5551&delivery_rate=313519&cwnd=12000&unsent_bytes=0&cid=b3dbf275a4b83627&ts=1677&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 23:36:26 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/css
last-modified
Thu, 17 Nov 2022 07:28:26 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
2 KB
959 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Dancing+Script:400,700&subset=vietnamese
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3aebfa20b7560f4ab71260dc443e6425c5353df23899671fbdae147ebc4960cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 23:36:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 23:36:25 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 23:36:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
phaohoa.js
websitecuaban.com/
0
0

Home.min.js
fptshop.com.vn/Content/v5d-bundle/js/
0
0

asset-left.png
1.bp.blogspot.com/-whlaCMYZ5Ak/YCju0HsERMI/AAAAAAAABSk/lf7DP4scVpgY3cnyxSoNq_xYd2ipD4X3gCLcBGAsYHQ/s0/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-whlaCMYZ5Ak/YCju0HsERMI/AAAAAAAABSk/lf7DP4scVpgY3cnyxSoNq_xYd2ipD4X3gCLcBGAsYHQ/s0/asset-left.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cc329eb6b07989378eb74cb0a2d1f2744939e094ac52ecf48132db76deeca300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
etag
"v52c"
age
0
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 23:36:25 GMT
content-disposition
inline;filename="asset-left.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
6682
x-xss-protection
0
server
fife
asset-right.png
1.bp.blogspot.com/-QtXZIbveZqQ/YCju9vMsr1I/AAAAAAAABSs/oF8IbCzYQLMh9UoZXGFOJlaZUrarhYRhACLcBGAsYHQ/s0/
7 KB
7 KB
Image
General
Full URL
https://1.bp.blogspot.com/-QtXZIbveZqQ/YCju9vMsr1I/AAAAAAAABSs/oF8IbCzYQLMh9UoZXGFOJlaZUrarhYRhACLcBGAsYHQ/s0/asset-right.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1c84652ee6c9df25c9070a4cc8153a2642594f4acc807fc640e5a8c403a27724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"v52d"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:25 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7004
date
Tue, 05 Nov 2024 23:36:25 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="asset-right.png"
chuyen-cu-bo-qua-bich-phuong.xY56LWaPbGG4.html
www.nhaccuatui.com/bai-hat/ Frame 60D5
0
0
Document
General
Full URL
https://www.nhaccuatui.com/bai-hat/chuyen-cu-bo-qua-bich-phuong.xY56LWaPbGG4.html
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.30.134.233 , Viet Nam, ASN7643 (VNPT-AS-VN Vietnam Posts and Telecommunications VNPT, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash

Request headers

Referer
https://lekhang.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Nov 2024 23:36:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
vary
Accept-Encoding Accept-Encoding, User-Agent
tet1.png
lh4.googleusercontent.com/-HXBsyeylNsk/XDQOO3VSvjI/AAAAAAAACm0/mN6mv1PCfgc8o3PrRm_kvBWN7KmMjsPqQCLcBGAs/s1600/
85 KB
85 KB
Image
General
Full URL
https://lh4.googleusercontent.com/-HXBsyeylNsk/XDQOO3VSvjI/AAAAAAAACm0/mN6mv1PCfgc8o3PrRm_kvBWN7KmMjsPqQCLcBGAs/s1600/tet1.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b1890e8e891221215d3d62a065a0b8b4052c28542aaf65cc30528d63d535bf65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"va6e"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87144
date
Tue, 05 Nov 2024 23:36:27 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="tet1.png"
tet2.png
lh4.googleusercontent.com/-tlsSRiDAay8/XDQOjlNI5uI/AAAAAAAACm8/66f7Unvw1J039PCBEUX9q-gFOfUw8JoGgCLcBGAs/s1600/
98 KB
98 KB
Image
General
Full URL
https://lh4.googleusercontent.com/-tlsSRiDAay8/XDQOjlNI5uI/AAAAAAAACm8/66f7Unvw1J039PCBEUX9q-gFOfUw8JoGgCLcBGAs/s1600/tet2.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c474d4fbbd8ab16f885669bc5847311788cb0703775df12bc0a312f06bc66e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"va70"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100253
date
Tue, 05 Nov 2024 23:36:27 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="tet2.png"
buttom-left.png
lh4.googleusercontent.com/-JvldBXC9IQU/XEUxNox_npI/AAAAAAAACoQ/QsRD4t1H5jwJx57_prsTcJyvQ1-4k1oCgCLcBGAs/s1600/
61 KB
61 KB
Image
General
Full URL
https://lh4.googleusercontent.com/-JvldBXC9IQU/XEUxNox_npI/AAAAAAAACoQ/QsRD4t1H5jwJx57_prsTcJyvQ1-4k1oCgCLcBGAs/s1600/buttom-left.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ae72747fb90897584ec9f68fa04a5e4e2d2cbe89dc32074d6f55fd37198c303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"va85"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62633
date
Tue, 05 Nov 2024 23:36:27 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="buttom-left.png"
hoadao.png
anonyviet.com/resource/hodaoroi/
15 KB
16 KB
Image
General
Full URL
https://anonyviet.com/resource/hodaoroi/hoadao.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80c0e079842b430976b327a3b4924b514d4c7c306612a5642e5a9836d7ff297

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4sSoK9DEoWl14Gu6zbl5AS4hS716lMO910NoSAQWtg4POzdAT6EDmwGK17k0vERLP66BTjjIAWn1IseqYfrWVQU4UqUO4crxoPLITrdI%2F48I8%2BDNB%2FIXYR7FYOE5fqfr"}],"group":"cf-nel","max_age":604800}
expires
max-age=A10368000, public
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31554&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4259&recv_bytes=4500&delivery_rate=494&cwnd=12000&unsent_bytes=0&cid=e39de9b9fc89fedb&ts=733&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 23:36:27 GMT
content-type
image/png
last-modified
Thu, 13 Jan 2022 01:37:30 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8de0aa80ddd1a4e6-MIA
accept-ranges
bytes
content-length
15689
server
cloudflare
31.jpg
lekhang.me/banner/
1 KB
1 KB
Image
General
Full URL
https://lekhang.me/banner/31.jpg
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtqgrMVmfr2knwW%2B5mOXWwhi7PNiiGQh9cjSyLf3o8o61qWb7hKin0maLl27Po5xt7q1WE5VDn%2BxCaf06%2BNzn8s3xjBZGW9jI03W6FmjLKH%2BPlxeLXAAYIWi3efA"}],"group":"cf-nel","max_age":604800}
cf-ray
8de0aa7e0c7a67bd-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31805&sent=56&recv=35&lost=0&retrans=0&sent_bytes=50183&recv_bytes=6570&delivery_rate=666273&cwnd=24000&unsent_bytes=0&cid=b3dbf275a4b83627&ts=2809&x=1", cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 23:36:27 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/html
vary
Accept-Encoding
server
cloudflare
bottom.png
lh4.googleusercontent.com/-QbePDLdhNNY/XEUwuZ9uKNI/AAAAAAAACoI/X_VrU2mBsAU9HuZ73LtLydwGPatl_ESXgCLcBGAs/s1600/
325 KB
325 KB
Image
General
Full URL
https://lh4.googleusercontent.com/-QbePDLdhNNY/XEUwuZ9uKNI/AAAAAAAACoI/X_VrU2mBsAU9HuZ73LtLydwGPatl_ESXgCLcBGAs/s1600/bottom.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
301d58a73c6e350431ceceb6e98b70474a55e81fa5c29d631b1c0f1fc7fe5c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"va83"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332921
date
Tue, 05 Nov 2024 23:36:27 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="bottom.png"
If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v25/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dancing+Script:400,700&subset=vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
a29a97013ad393d493acb1e33515d103c2f6a2cf6634250faf7cc176720a6135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://lekhang.me
Referer
https://fonts.googleapis.com/

Response headers

age
443991
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 20:16:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 20:16:36 GMT
last-modified
Thu, 14 Sep 2023 00:02:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
42672
x-xss-protection
0
server
sffe
If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2
fonts.gstatic.com/s/dancingscript/v25/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLviuEViw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dancing+Script:400,700&subset=vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
92abb906ec46045377504faeb773712dd12fd5954b29d674eec20196bed2a3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://lekhang.me
Referer
https://fonts.googleapis.com/

Response headers

age
529626
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 20:29:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 20:29:21 GMT
last-modified
Thu, 14 Sep 2023 00:51:44 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7768
x-xss-protection
0
server
sffe
If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2
fonts.gstatic.com/s/dancingscript/v25/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dancingscript/v25/If2RXTr6YS-zF4S-kcSWSVi_szLuiuEViw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dancing+Script:400,700&subset=vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
de7ae97e5d510b92ae3b0589accbd3b1796d76e7cd7bea8968a36ea58846ea24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://lekhang.me
Referer
https://fonts.googleapis.com/

Response headers

age
528330
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 20:50:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 20:50:57 GMT
last-modified
Thu, 14 Sep 2023 00:59:53 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22456
x-xss-protection
0
server
sffe
bg-top-v2-min.png
1.bp.blogspot.com/-t2pBfrtAiLc/X-6tNiBzsDI/AAAAAAAADf8/kyVRJqpp8G8Mk0EgLuNTJo3zyj_h7oB-gCLcBGAsYHQ/s1920/
149 KB
150 KB
Image
General
Full URL
https://1.bp.blogspot.com/-t2pBfrtAiLc/X-6tNiBzsDI/AAAAAAAADf8/kyVRJqpp8G8Mk0EgLuNTJo3zyj_h7oB-gCLcBGAsYHQ/s1920/bg-top-v2-min.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2df977ad5d6c2ece328f113d9898a4f32ba2eaddba53237a8a0986c2feae1b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"ve01"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152893
date
Tue, 05 Nov 2024 23:36:27 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="bg-top-v2-min.png"
leaf.png
1.bp.blogspot.com/-QsabW6gzIzs/X-6sdiYCZ1I/AAAAAAAADfw/kROKXwxwnpoQwwKlXgZ4JhC-dphtp__5wCLcBGAsYHQ/s75/
2 KB
2 KB
Image
General
Full URL
https://1.bp.blogspot.com/-QsabW6gzIzs/X-6sdiYCZ1I/AAAAAAAADfw/kROKXwxwnpoQwwKlXgZ4JhC-dphtp__5wCLcBGAsYHQ/s75/leaf.png
Requested by
Host: lekhang.me
URL: https://lekhang.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
da846fffd8e6ab88f0281437122614cd98647534d2073285c1a83f86a3ba1136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://lekhang.me/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"vdfd"
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 23:36:26 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2284
date
Tue, 05 Nov 2024 23:36:26 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="leaf.png"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
websitecuaban.com
URL
https://websitecuaban.com/phaohoa.js
Domain
fptshop.com.vn
URL
https://fptshop.com.vn/Content/v5d-bundle/js/Home.min.js?v=oXKnwjr9r0DdaS2BTq9q94IBXtcWNbqN3AjSCE07lkc

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery number| no string| snowdistance number| ns6up function| iecompattest object| dx object| xp object| yp object| am object| stx object| sty number| doc_width number| doc_height string| color_snow function| snowIE_NS6 function| hidesnow number| snowtimer number| bgBegin number| bgEnd number| bgTetId string| bgTetUrl number| bits number| speed number| bangs object| colours object| bangheight object| intensity object| colour object| Xpos object| Ypos object| dX object| dY object| stars object| decay number| swide number| shigh function| write_fire function| createDiv function| launch function| bang function| stepthrough function| set_width

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://fptshop.com.vn/Content/v5d-bundle/js/Home.min.js?v=oXKnwjr9r0DdaS2BTq9q94IBXtcWNbqN3AjSCE07lkc
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://lekhang.me/banner/31.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
anonyviet.com
fonts.googleapis.com
fonts.gstatic.com
fptshop.com.vn
lekhang.me
lh4.googleusercontent.com
websitecuaban.com
www.nhaccuatui.com
fptshop.com.vn
websitecuaban.com
123.30.134.233
142.250.80.35
172.67.140.77
172.67.218.12
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:81e::200a
1c84652ee6c9df25c9070a4cc8153a2642594f4acc807fc640e5a8c403a27724
2df977ad5d6c2ece328f113d9898a4f32ba2eaddba53237a8a0986c2feae1b62
301d58a73c6e350431ceceb6e98b70474a55e81fa5c29d631b1c0f1fc7fe5c93
3aebfa20b7560f4ab71260dc443e6425c5353df23899671fbdae147ebc4960cd
4af528fa3eb2718e27d6a7b89a93209569e3e7957702685749281979226ab6c0
5ae72747fb90897584ec9f68fa04a5e4e2d2cbe89dc32074d6f55fd37198c303
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
84c1ca4103682b0b3c7575b18267145d9df3ecd722eb57cea54c24231012f46f
8c54833cfb9b63455e0d3d6e102fceb691244f89d2738abf89ddb2ea2c5313d3
92abb906ec46045377504faeb773712dd12fd5954b29d674eec20196bed2a3e6
a29a97013ad393d493acb1e33515d103c2f6a2cf6634250faf7cc176720a6135
a80c0e079842b430976b327a3b4924b514d4c7c306612a5642e5a9836d7ff297
b1890e8e891221215d3d62a065a0b8b4052c28542aaf65cc30528d63d535bf65
c474d4fbbd8ab16f885669bc5847311788cb0703775df12bc0a312f06bc66e6c
cc329eb6b07989378eb74cb0a2d1f2744939e094ac52ecf48132db76deeca300
da846fffd8e6ab88f0281437122614cd98647534d2073285c1a83f86a3ba1136
de7ae97e5d510b92ae3b0589accbd3b1796d76e7cd7bea8968a36ea58846ea24
e40f9dcfbc67c18391e7d6f692c36a8a802c262b3c66f042a4c8abdc6371de56