Submitted URL: http://bbmgr.kesug.com/
Effective URL: https://www.viva6889.cc/?i=1
Submission: On May 14 via api from LU — Scanned from GB

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 20 HTTP transactions. The main IP is 31.22.4.145, located in Leeds, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is www.viva6889.cc.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time www.viva6889.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 185.27.134.57 34119 (WILDCARD-...)
2 31.22.4.145 34119 (WILDCARD-...)
1 103.77.214.201 140810 (MEGACORE-...)
3 104.17.25.14 13335 (CLOUDFLAR...)
5 172.67.128.25 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 103.169.35.121 140817 (ODSONLINE...)
1 2001:4860:480... 15169 (GOOGLE)
20 9
Apex Domain | Subdomains | Transfer
5 agbong8.com | agbong8.com | 54 KB
3 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 | 56 KB
3 kesug.com | bbmgr.kesug.com | 6 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 164 KB
2 datacenters.vn | security.datacenters.vn, cdn.datacenters.vn | 14 KB
2 viva6889.cc | www.viva6889.cc, viva6889.cc | 6 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2533 | 255 B
20 7
Domain Requested by
5 agbong8.com www.viva6889.cc
agbong8.com
3 cdnjs.cloudflare.com www.viva6889.cc
3 bbmgr.kesug.com 1 redirects bbmgr.kesug.com
2 www.googletagmanager.com www.viva6889.cc
1 viva6889.cc
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.datacenters.vn security.datacenters.vn
1 security.datacenters.vn www.viva6889.cc
security.datacenters.vn
1 www.viva6889.cc bbmgr.kesug.com
20 9

This site contains no links.

Subject | Issuer | Validity | Valid
bbmgr.kesug.com | GoGetSSL RSA DV CA | 2023-11-27 - 2024-02-25 | 3 months
*.viva6889.cc | R3 | 2024-04-28 - 2024-07-27 | 3 months
security.datacenters.vn | R3 | 2024-03-18 - 2024-06-16 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
agbong8.com | GTS CA 1P5 | 2024-03-16 - 2024-06-14 | 3 months
*.google-analytics.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
cdn.datacenters.vn | Sectigo RSA Domain Validation Secure Server CA | 2024-03-16 - 2025-03-16 | a year

This page contains 1 frame:

Primary Page: https://www.viva6889.cc/?i=1
Frame ID: 3D39641AA76990BB735D77BA966F57F1
Requests: 19 HTTP requests in this frame

Page Title

QUẢN LÝ BONG88 -🎖️-Trang thay thế quản lý bóng88 - Link vào www.viva6889.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 75 %
IPv6: 25 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 5
Transfer: 299 kB
Size: 845 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bbmgr.kesug.com/ HTTP 307
    https://bbmgr.kesug.com/ Page URL
  2. https://bbmgr.kesug.com/?i=1 HTTP 301
    https://www.viva6889.cc/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bbmgr.kesug.com/ HTTP 307
  • https://bbmgr.kesug.com/

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bbmgr.kesug.com/
Redirect Chain
  • http://bbmgr.kesug.com/
  • https://bbmgr.kesug.com/
827 B
690 B
Document
General
Full URL
https://bbmgr.kesug.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
0d13631683f56d9f1cd26defaabb6311a405a89a8f04242e9203d771e50f9cba

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Tue, 14 May 2024 11:42:22 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Location
https://bbmgr.kesug.com/
Non-Authoritative-Reason
HttpsUpgrades
aes.js
bbmgr.kesug.com/
13 KB
5 KB
Script
General
Full URL
https://bbmgr.kesug.com/aes.js
Requested by
Host: bbmgr.kesug.com
URL: https://bbmgr.kesug.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://bbmgr.kesug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

Date
Tue, 14 May 2024 11:42:22 GMT
Content-Encoding
br
Last-Modified
Mon, 30 Oct 2023 22:37:31 GMT
Server
nginx
ETag
W/"6540302b-35a5"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Primary Request /
www.viva6889.cc/
Redirect Chain
  • https://bbmgr.kesug.com/?i=1
  • https://www.viva6889.cc/?i=1
10 KB
4 KB
Document
General
Full URL
https://www.viva6889.cc/?i=1
Requested by
Host: bbmgr.kesug.com
URL: https://bbmgr.kesug.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.145 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv56.ifastnet5.org
Software
nginx /
Resource Hash
81065e56fdd83a79934f64707d01b6a674e933867baa43143a8295ea5b577789

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://bbmgr.kesug.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

cache-control
max-age=500, public, proxy-revalidate
content-encoding
gzip
content-type
text/html
date
Tue, 14 May 2024 11:42:23 GMT
expires
Tue, 14 May 2024 11:50:43 GMT
last-modified
Fri, 15 Mar 2024 03:23:26 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0
Connection
keep-alive
Content-Length
235
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 14 May 2024 11:42:22 GMT
Expires
Tue, 14 May 2024 11:42:22 GMT
Location
https://www.viva6889.cc?i=1
Server
nginx
customer.js
security.datacenters.vn/public/js/
13 KB
14 KB
Script
General
Full URL
https://security.datacenters.vn/public/js/customer.js?token=$2a$08$LJwpqk1eoixrlQscmubC2ODt6NC4i4lb5mjAwujap2vJtrR.B1v1S
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.77.214.201 , Viet Nam, ASN140810 (MEGACORE-AS-VN Megacore Technology Company Limited, VN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
d2003bd16d151405dd03081d1ab95bc45ecb1c84d7cbe8444a3616364961dad1

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

Date
Tue, 14 May 2024 11:42:25 GMT
Last-Modified
Sat, 13 Apr 2024 00:50:18 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"34f7-18ed4ef05f2"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13559
bootstrap.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/css/
143 KB
17 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/css/bootstrap.css
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad850187e2746ffcc60b36c6d36c0986277e9dc1f277406ca146298cb2d2a309
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viva6889.cc/
Origin
https://www.viva6889.cc
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
484955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17052
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-23aa2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyCSlKOVO9n0msVWvF4AhrDMMQbBGtV5EF%2FqviVT%2F80rpimsu3BFSUkd0YXB9CQiHqEfp52NMb9mnM1Y7RRgphKKrOxboA5mqBchOpL0Yb6sQBEtwexzV9tT9veGslUD4r84%2FbKc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
883a9fe679e393ee-LHR
expires
Sun, 04 May 2025 11:42:23 GMT
main.css
agbong8.com/public/
8 KB
2 KB
Stylesheet
General
Full URL
https://agbong8.com/public/main.css
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ed6a640d23cb8e560fc6ca0ba1aa2c26cc6eaf95d679db5cbe1edd54553d2e77

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:24 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 15 May 2022 15:06:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2087-180c8421e50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRWCrQOEB33Uot4kx1v%2FtiTDdzj%2FP9Lr2fuRVOlF%2FE6qnfoU%2BLc6qtzhSMBnCG%2BD9nq2TVAmN7s3%2BQZLTq4iDPO6mHA%2F%2Frx2L%2B%2BYWp4DHxGHnfghXZCiXEV4MHSJIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
883a9fe6b90e94bb-LHR
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
302 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q83MPKSLB8
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
905969354f8646728b02354149706644d6a758d52ee4ec24215640c97b9b0476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102440
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 11:42:24 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/
90 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viva6889.cc/
Origin
https://www.viva6889.cc
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
477613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29363
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-169d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tD8QQ8YFgwh97W%2BdgbanMbazYVughtcPBayQjHyJoqFzOauZTnZQK6Tq9Kbn1ovWZZFNQasnUIe86IJ%2B6P3WiYnfrU2KFUKstAp2PozqgVjdabwr9MuyffiUdpcm9kFnZ4JDCwIw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
883a9fe679e093ee-LHR
expires
Sun, 04 May 2025 11:42:23 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/js/
36 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/js/bootstrap.min.js
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viva6889.cc/
Origin
https://www.viva6889.cc
Accept-Language
en-GB,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2747974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8654
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-9004"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wi6aOAuAcqnFl5oaLggKhMIUE%2B%2BHV2KgzSEejG5RcIJAIVaR58TcdE39MhPlLOYqwrY1%2BQm8oB0QS8630t6peMgeHKg9WYP%2BCb%2FrgD6b%2BwUgAJBmxEbrAx7GpWf93KuJjyoRQONx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
883a9fe679dd93ee-LHR
expires
Sun, 04 May 2025 11:42:23 GMT
jquery.cookie.js
agbong8.com/public/
4 KB
2 KB
Script
General
Full URL
https://agbong8.com/public/jquery.cookie.js
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4c3900ad528497c7f05e1bfae35d0b424d4493dc5c24578112b5469f9f413be8

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:24 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 15 May 2022 14:50:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e8f-180c8334970"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9eV74hUGzh4%2B2US%2B9312OOEMDN9oXV89qqtJ3KqbPtAGb%2BMlV0pNH%2FHf8X%2FF3DZNeXCMWp2RTYKfRDrr62VsTTuJ5mAxRBfWMFlOVoXJ8RnzXhHfp8fsW9LKdpcMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
883a9fe6b90c94bb-LHR
alt-svc
h3=":443"; ma=86400
apisd.js
cdn.datacenters.vn/js/
0
391 B
Script
General
Full URL
https://cdn.datacenters.vn/js/apisd.js?code=null
Requested by
Host: security.datacenters.vn
URL: https://security.datacenters.vn/public/js/customer.js?token=$2a$08$LJwpqk1eoixrlQscmubC2ODt6NC4i4lb5mjAwujap2vJtrR.B1v1S
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
103.169.35.121 , Viet Nam, ASN140817 (ODSONLINE-AS-VN ODS ONLINE DATA SOLUTION JOINT STOCK COMPANY, VN),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

Date
Tue, 14 May 2024 11:42:27 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET,POST
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Content-Length
0
gtm.js
www.googletagmanager.com/
174 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4MFM9WT
Requested by
Host: www.viva6889.cc
URL: https://www.viva6889.cc/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a756061a5841daaabc202bb6b45e7dd5127ecaed4212b6d852cea7af9e185db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64643
x-xss-protection
0
last-modified
Tue, 14 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 11:42:26 GMT
crossword.png
agbong8.com/public/
43 KB
43 KB
Image
General
Full URL
https://agbong8.com/public/crossword.png
Requested by
Host: agbong8.com
URL: https://agbong8.com/public/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2f23f323330dd47e39b3af4892097e56ef0cabf5980e4c2ed794f58d4f629437

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://agbong8.com/public/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Nov 2020 15:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"aaae-175cc6c77b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68yTA%2BZ2GvhylRUmGZhVyaie61umjZ11AKq0P4sQqNZbzTGoTe71JmXmigOvZHqphTg%2FT6RzV0%2FyHuFVM3owIoMJoyjkvyvD1XFa%2BjgNE%2FIz8%2BY7cM%2FHXvyWPHoAUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
883a9ff4ab7794bb-LHR
alt-svc
h3=":443"; ma=86400
content-length
43694
sprites2.png
agbong8.com/public/
6 KB
6 KB
Image
General
Full URL
https://agbong8.com/public/sprites2.png
Requested by
Host: agbong8.com
URL: https://agbong8.com/public/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c79966b969c421b3c2ce86193262adaddf406717f7899a071204bc62975b2a57

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://agbong8.com/public/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Nov 2020 14:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"175d-175cc69d3e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxi%2BVFQN%2FIDAZ1tRhnb8oMoMjwtm2JP6QqpIiwKPiB8J3wnyZRY8%2F%2Fk0ikfL%2B1IMgC9PVDn9ZWqp1BWiYAyh1SBC8Q7HMYE62CQDkM9Q8uv%2FeRcHpEynjWKxa1c30w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
883a9ff4ab7a94bb-LHR
alt-svc
h3=":443"; ma=86400
content-length
5981
y9.svg
agbong8.com/public/
648 B
892 B
Image
General
Full URL
https://agbong8.com/public/y9.svg
Requested by
Host: agbong8.com
URL: https://agbong8.com/public/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
29efa1b62629e9bb35328b924001d0c79cefedc968c87aa69351fd013f3e2417

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://agbong8.com/public/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

date
Tue, 14 May 2024 11:42:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 15 May 2022 14:31:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"288-180c8217308"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLbVP1mt1WXPmfMmP%2FXWn5%2Fp4Bql7J%2Bj7Fn8dhzWguRqPRhgl0ZOh0NMf3pqYfOSbP%2B%2FYegUseBVov2yR9Yf%2BkOcPrZdRB09nznFxUgSXlqAj5M85%2BeOH88BOo8Zzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
883a9ff4ab7f94bb-LHR
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q83MPKSLB8&gtm=45je45d0v9178611070za200&_p=1715686945999&gcd=13l3l3l3l1&npa=0&dma=0&cid=451059650.1715686946&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715686946&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva6889.cc%2F%3Fi%3D1&dr=https%3A%2F%2Fbbmgr.kesug.com%2F&dt=QU%E1%BA%A2N%20L%C3%9D%20BONG88%20-%F0%9F%8E%96%EF%B8%8F-Trang%20thay%20th%E1%BA%BF%20qu%E1%BA%A3n%20l%C3%BD%20b%C3%B3ng88%20-%20Link%20v%C3%A0o%20www.viva6889.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2741
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q83MPKSLB8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 May 2024 11:42:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.viva6889.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon.png
viva6889.cc/
2 KB
2 KB
Other
General
Full URL
https://viva6889.cc/icon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.145 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv56.ifastnet5.org
Software
nginx /
Resource Hash
1d0198e1dff0e4ca46a1be7a85c12e583bd5f7077a829a09312894b43395a4f5

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.viva6889.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.57 Safari/537.36

Response headers

pragma
public
date
Tue, 14 May 2024 11:42:28 GMT
last-modified
Tue, 27 Feb 2024 02:29:09 GMT
server
nginx
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
content-length
1827
expires
Tue, 14 May 2024 13:42:28 GMT
/
security.datacenters.vn/alive/
0
0

/
security.datacenters.vn/alive/
0
0

collect
region1.google-analytics.com/g/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
security.datacenters.vn
URL
https://security.datacenters.vn/alive/
Domain
security.datacenters.vn
URL
https://security.datacenters.vn/alive/
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q83MPKSLB8&gtm=45je45d0v9178611070za200&_p=1715686945999&gcd=13l3l3l3l1&npa=0&dma=0&cid=451059650.1715686946&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715686946&sct=1&seg=0&dl=https%3A%2F%2Fwww.viva6889.cc%2F%3Fi%3D1&dr=https%3A%2F%2Fbbmgr.kesug.com%2F&dt=QU%E1%BA%A2N%20L%C3%9D%20BONG88%20-%F0%9F%8E%96%EF%B8%8F-Trang%20thay%20th%E1%BA%BF%20qu%E1%BA%A3n%20l%C3%BD%20b%C3%B3ng88%20-%20Link%20v%C3%A0o%20www.viva6889.com&en=scroll&epn.percent_scrolled=90&_et=7&tfd=7754

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function myHash
  • function generateFingerprint
  • function a0_0x30b9
  • function a0_0x4f04
  • function postData
  • function analyzeUserBehavior
  • function createPopup
  • function setCookie
  • function getCookie
  • function hexToString
  • function getAsciiFromHex
  • function getTokenFromCurrentScript
  • function initPage
  • function gtag
  • object dataLayer
  • function $
  • function jQuery
  • object jQuery19106578542724695597
  • object google_tag_manager
  • object google_tag_data
  • function onYouTubeIframeAPIReady
  • object gaGlobal

4 Cookies

Domain/Path Name / Value
bbmgr.kesug.com/ Name: __test
Value: c1a55a4a9aa134afc47dd25a7228a8a9
www.viva6889.cc/ Name: Dtc
Value: be9531bff9307b0db386509a6675bde1ae19708a53fd2960c5e3b62c161988db
.viva6889.cc/ Name: _ga
Value: GA1.1.451059650.1715686946
.viva6889.cc/ Name: _ga_Q83MPKSLB8
Value: GS1.1.1715686946.1.0.1715686946.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
