ocsenmoi01.beco.vn Open in urlscan Pro
13.228.81.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ocsenmoi01.beco.vn/
Submission: On June 23 via api (June 23rd 2024, 2:38:05 pm UTC) from US — Scanned from SG

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 46 HTTP transactions. The main IP is 13.228.81.39, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is ocsenmoi01.beco.vn.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 19th 2024. Valid for: 3 months.

This is the only time ocsenmoi01.beco.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.228.81.39 13.228.81.39	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c1a::5f	15169 (GOOGLE) (GOOGLE)
8	2600:9000:223... 2600:9000:223b:2e00:11:52e1:b680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c01::61	15169 (GOOGLE) (GOOGLE)
2 2	18.140.111.49 18.140.111.49	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f00c:19:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f10... 2a03:2880:f10c:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4003:c06::64	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4003:c1a::5e	15169 (GOOGLE) (GOOGLE)
2	54.254.52.7 54.254.52.7	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c01::64	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c11::5d	15169 (GOOGLE) (GOOGLE)
2	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
2	74.125.68.147 74.125.68.147	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
1	157.240.7.26 157.240.7.26	32934 (FACEBOOK) (FACEBOOK)
6	157.240.7.35 157.240.7.35	32934 (FACEBOOK) (FACEBOOK)
46	17

1 13.228.81.39 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com

ocsenmoi01.beco.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223b:2e00:11:52e1:b680:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.111.49 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-111-49.ap-southeast-1.compute.amazonaws.com

static.ladipage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c06::64 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c1a::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.254.52.7 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-52-7.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::64 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c11::5d (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.7.26 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.7.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	943 B
8	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 66316	841 KB
7	gstatic.com fonts.gstatic.com	156 KB
4	youtube.com img.youtube.com — Cisco Umbrella Rank: 1994 www.youtube.com — Cisco Umbrella Rank: 96	12 KB
3	google.com docs.google.com — Cisco Umbrella Rank: 291 www.google.com — Cisco Umbrella Rank: 5	5 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	74 KB
2	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 14705	565 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	3 KB
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 74986	652 B
2	ladipage.net 2 redirects static.ladipage.net — Cisco Umbrella Rank: 144930	219 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	85 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	beco.vn ocsenmoi01.beco.vn	68 KB
0	bytedance.com Failed static.bytedance.com Failed
46	14

	Domain	Requested by
9	www.facebook.com	ocsenmoi01.beco.vn
8	w.ladicdn.com	ocsenmoi01.beco.vn
7	fonts.gstatic.com	fonts.googleapis.com
3	www.youtube.com	w.ladicdn.com www.youtube.com
3	connect.facebook.net	ocsenmoi01.beco.vn connect.facebook.net
2	www.google.com.sg	ocsenmoi01.beco.vn
2	www.google.com	ocsenmoi01.beco.vn
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	a.ladipage.com	w.ladicdn.com
2	static.ladipage.net	2 redirects
1	docs.google.com	w.ladicdn.com
1	img.youtube.com	ocsenmoi01.beco.vn
1	www.googletagmanager.com	ocsenmoi01.beco.vn
1	fonts.googleapis.com	ocsenmoi01.beco.vn
1	ocsenmoi01.beco.vn
0	static.bytedance.com Failed	ocsenmoi01.beco.vn
46	16

This site contains no links.

Subject Issuer	Validity	Valid
ocsenmoi01.beco.vn ZeroSSL RSA Domain Secure Site CA	`2024-06-19` - `2024-09-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M03	`2024-04-17` - `2025-05-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com.sg WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ocsenmoi01.beco.vn/
Frame ID: FE3646112FD921A73BAAC879FCEB0A7B
Requests: 46 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphunulaphaixinh%2F&tabs=timeline&width=340&height=175&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 3C0EDF5B3EF4004449AB327B27A1A736
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0bEQ8XN1ijg?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Focsenmoi01.beco.vn&widgetid=1
Frame ID: B600BBCB68A6C7BCB6E932EC4CDF64F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mỹ Phẩm Ốc Sên Goodal Hàn Quốc

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

46
Requests

89 %
HTTPS

59 %
IPv6

14
Domains

16
Subdomains

17
IPs

2
Countries

1248 kB
Transfer

2550 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://static.ladipage.net/source/notify.svg HTTP 301
https://w.ladicdn.com/source/notify.svg

Request Chain 38

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3649606338441281&ev=PageView&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480045&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D3649606338441281%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Focsenmoi01.beco.vn%252F%26rl%26if%3Dfalse%26ts%3D1719153480045%26sw%3D1600%26sh%3D1200%26v%3D2.9.158%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1719153480043.419318882208505039%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1719153479556%26coo%3Dfalse%26rqm%3DFGET

Request Chain 40

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3649606338441281&ev=ViewContent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480046&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D3649606338441281%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Focsenmoi01.beco.vn%252F%26rl%26if%3Dfalse%26ts%3D1719153480046%26sw%3D1600%26sh%3D1200%26v%3D2.9.158%26r%3Dstable%26ec%3D1%26o%3D4126%26fbp%3Dfb.1.1719153480043.419318882208505039%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1719153479556%26coo%3Dfalse%26rqm%3DFGET

Request Chain 47

https://static.ladipage.net/59cba0db2b138379b150bf7a/goodal_1461894963-1551842106.png HTTP 301
https://w.ladicdn.com/59cba0db2b138379b150bf7a/goodal_1461894963-1551842106.png

46 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ocsenmoi01.beco.vn/ 598 KB
68 KB 157ms
11ms Document
text/html 13.228.81.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.81.39 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com

Software

openresty /

Resource Hash

170a0ed571f154ae7b333f3a5955707953ee9a0121b8331593321d27413a8b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 23 Jun 2024 14:37:59 GMT
server: openresty
statuscode: 200
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 24ms
10ms Stylesheet
text/css 2404:6800:4003:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

276f0c6a3be6e6b643aedf2288a78cb60ccca2c6022d42b4f1c4bee8c6fe631b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jun 2024 14:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 14:37:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jun 2024 14:37:59 GMT

GET
H2 200 ladipage.vi.min.js Show response
w.ladicdn.com/v2/source/ 377 KB
87 KB 40ms
10ms Script
text/javascript 2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1624614446103
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c248a509f1aafd9c718b1b6e6d933e6c9ebd9451c60a249052eb83755fc9f60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 09:14:04 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 5981035
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: h2EQO0O-m3PI_kCwjOTqUcYRd3e3zBQIr8s9X73byY6KPYQfZ3IzGA==
expires: Tue, 15 Apr 2025 09:14:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 65ms
16ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-876279190

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36bb31f75381db498d5d21a3483ab2988d45d09c8a36e58401a4290605883137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:37:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86841
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Jun 2024 14:37:59 GMT

GET
H2

200

notify.svg
w.ladicdn.com/source/
Redirect Chain

https://static.ladipage.net/source/notify.svg
https://w.ladicdn.com/source/notify.svg

2 KB
869 B

24ms
23ms

Image
image/svg+xml

2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/source/notify.svg
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://ocsenmoi01.beco.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 14 May 2024 04:31:22 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 3492397
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: QHjnqKZUgfHxAP7E1ZCd6yfBoJCppM8FfLkpeC5TSiID12bHQz5VyA==
expires: Wed, 14 May 2025 04:31:22 GMT

Redirect headers

location: https://w.ladicdn.com:443/source/notify.svg
date: Sun, 23 Jun 2024 14:37:59 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 66 KB
6 KB 60ms
33ms Stylesheet
text/css 2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1624614446103
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 09:14:04 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 5981035
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: JVaTPkMA6OVl06cX9W227d4ZgrRzh2ChjM4CenTnH46-1kxQu-syGA==
expires: Tue, 15 Apr 2025 09:14:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 52ms
4ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 23 Jun 2024 14:37:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: cya4+WI3SnlWb3JBwi2HlUtpquRINB2oBDXPtEbi+4k2Oxq2M+ylG3h1wPzG/7aneFmhGkbNhb6s99GsPym7Wg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET sdk.js
static.bytedance.com/pixel/ 0
0

GET
H2 200 page.php
www.facebook.com/plugins/ Frame 3C0E 0
0 234ms
197ms Document
text/html 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fphunulaphaixinh%2F&tabs=timeline&width=340&height=175&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://ocsenmoi01.beco.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jun 2024 14:37:59 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383707970259582034"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383707970259582034"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=190, ullat=0
x-fb-debug: rl7B6yKY+arrRW/bUyqsP2p0OXXnC0zWOQEPUvD/Gwjl/ffbcU9R0a9ek2hQ0DBYzVQcSeYyHdq51YgQxlWoBw==
x-frame-options: DENY
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adcb027cf318eaf3981bc17c449deacb610690db5b3fdd131ac2b77fdc73280

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 854bede5db9b251ab4165239c434f68488781fb31e0d8dcbdb24737d125c7ab7

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 474 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26dc91be43919872e42011b880765da195e6ecd0513e52a301af8053034f49ec

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 hqdefault.jpg
img.youtube.com/vi/0bEQ8XN1ijg/ 1 KB
1 KB 267ms
238ms Image
image/jpeg 2404:6800:4003:c06::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0bEQ8XN1ijg/hqdefault.jpg

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::64 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:37:59 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Sun, 23 Jun 2024 14:38:29 GMT

GET
H2 200 118428f0-e5d0-491a-ae0f-294e6ffb7cab.jpg
w.ladicdn.com/uploads/images/ 77 KB
67 KB 13ms
12ms Image
image/jpeg 2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/uploads/images/118428f0-e5d0-491a-ae0f-294e6ffb7cab.jpg
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: de5c6e6cadf59bc0cf86bbd0bda44cb5aec80b6d8e1e64ef2b5280ba7fe64fbb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 02:30:39 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 648440
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: xkanQDUjmsTH9AstczcB7mzdoLCneOHPVjrCE97JaaU2O_J4fkyaZg==
expires: Mon, 16 Jun 2025 02:30:39 GMT

GET
H2 200 set-20200525023827.png
w.ladicdn.com/s900x600/59cba0db2b138379b150bf7a/ 327 KB
324 KB 2972ms
2971ms Image
image/png 2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s900x600/59cba0db2b138379b150bf7a/set-20200525023827.png
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a7641aa821af19906f7b83ce72de741db3884614472a455dc82f8e0dd2355d60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:38:02 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: haV3XFlVaZVflmZJ-xUyXrKPxdrn5x_dj_pURh9vVJWPQco6qUBB8w==
expires: Mon, 23 Jun 2025 14:38:02 GMT

GET
H2 200 50g-20200329161609.png
w.ladicdn.com/s950x700/59cba0db2b138379b150bf7a/ 343 KB
339 KB 3011ms
3011ms Image
image/png 2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s950x700/59cba0db2b138379b150bf7a/50g-20200329161609.png
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb54962d1330cc06c0feffbb12125c1771306e59dc67a2a8068ac5357c0d83fd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:38:02 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 0YIDBQsvFE3Gj8tJypM_5aVoKwkoyioPX67vkYDQ-Cg2AWVJI0FQJw==
expires: Mon, 23 Jun 2025 14:38:02 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 38ms
13ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:19:07 GMT
x-content-type-options: nosniff
age: 65932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 20:19:07 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 31ms
7ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:38:47 GMT
x-content-type-options: nosniff
age: 86352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:38:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 16 KB
16 KB 41ms
18ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:23:21 GMT
x-content-type-options: nosniff
age: 87278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16552
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:23:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
5ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:25:42 GMT
x-content-type-options: nosniff
age: 87137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:25:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 45ms
22ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:38:25 GMT
x-content-type-options: nosniff
age: 86374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:38:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 35ms
12ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:20:26 GMT
x-content-type-options: nosniff
age: 87453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:20:26 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
25 KB 42ms
19ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular|Montserrat:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://ocsenmoi01.beco.vn
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:40:46 GMT
x-content-type-options: nosniff
age: 86233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:40:46 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 28ms
5ms Preflight
application/json 54.254.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.254.52.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-254-52-7.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://ocsenmoi01.beco.vn
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 23 Jun 2024 14:37:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 tq Show response
docs.google.com/spreadsheets/d/1ZwtdmWq5FSJs4pcOKH-QFN33UQe7_kTVXC3coohltlE/gviz/ 5 KB
5 KB 326ms
308ms XHR
application/javascript 2404:6800:4003:c01::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/spreadsheets/d/1ZwtdmWq5FSJs4pcOKH-QFN33UQe7_kTVXC3coohltlE/gviz/tq?tqx=out:json

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1624614446103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::64 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

936fc8052f653309352caafd509016fe40dee08cef95ee693462ebd1c9173dfe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-mz7xC99UuMGL-UGcK83KhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-mz7xC99UuMGL-UGcK83KhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
reporting-endpoints: default="/spreadsheets/d/1ZwtdmWq5FSJs4pcOKH-QFN33UQe7_kTVXC3coohltlE/web-reports?context=eJwV0Xtcz_ceB_B3n-_7Y0YRSuagYctQ0YWh0uX3_f0qCh2dPl-3GarJdd3coxk7HZeZzrbGGf2qn2TZRh23dSo0Gh7SdGTmEWKlmEv4UXZwXvvj-Xh83p_L4_P6vD9dfnSx_BFHF-CZg6IZnRTldlYkXlf0bVdFpY6KfJwVFYBbD0V_g2MwoKeiIa6KfoRKN0WefRTtg8q-inr-RVFcP0X9-yvyGqDIBrPcFSVB_GBF73koWgoV0HOooj-GKXLyVNQDhnspyvZW9ImPoi_B2VfRQHgEOX6K_gW2UYoOjVHUOlbRnkBF-4MVlcNts6L2SEWnJymqB_c4ZDQUvQvaNEW9IAHSoXa6ohtweQ7OwZtzFb0er-gN8F-oSIdCOAx5SxUdhLvpyAq9VigaCi3rcB_8kokx1KxXdA30jxXFQvMGRU_h4CZFJ2DMVkUREPOpojlwGW6D1xeKgmDTl4p2wts5ikZB8VeKyuAldNuhaHoB3m_DPFTtVVQHGd8pygKXA4reAipBz2DHn_6NP4GqMuyFgP8omggN5YruwRsVeAdMhXlQU4n8EHoOGWHreUW7wK0WfYTr9YoeQPFl5ILDV9BrOHlN0UUY0KjIG3J-U7QXBjcp8oMSOAmnoR5amtE3CLqnKBoutSlqglbogHkdilIhVDMoBtLZoI1wobNB12FEF4OCoRjK4JuuBv0Ar5wN6t7DoPDBBilwG27QEHjL3yB_-OVdg1rAaaxB_eEldBtn0HGohRmBBi2Eo0EG_QS9wgwaDFfCDWqFXhNRgyXaoDjYOsmgXZAxGWOoizPoFmRMRw15Mw06CP7xBunQ-oFBHRA936BZEJ9kUBqULzDoPExZaND7sAKywGkJcsLDVIMozaCPYDv4LTfIBB4rDBoNgasNioJOawzqDcMyDRoH111_Jt9hd8U4sM5sE0Vw_4M28RQGrWsTw-BSVZtogJUej8TVxkfiFjR4PxZN4BL3WPQDp3WPhSvc9baLx3BppF1YIuxiEiRl2EUy6Jl2EQVT19vFDLj5g13cgYSFz8RiyLY9EzvhUGC7KIfMoHaRBZbEdjEJ3De3iyGwoXeH2AJ1qzrEVdh0tkNkg09thxgLdf_FPEzu-VwoaFj_XDRBjfW5qIfhO_8n_OC7b1-IwzBm6ksRAgPolfCAzH6vRBYMW_VK-EJpd9LKIMmZtGQYs5S0EIhNIW0miEbSuvwpwUFrynfQ2gscNLI5aGVbhFYFpVahlYE4JbTXzgutO9y8IbR7oLGmdYXP39G0ryF8qqZNhrpYTbsK0X_XNANWNWnaehg6kDUf2PJgHH8OyesCeCXcaA3gFvC6E8CjYNf9AN4DC-0BnAr2yYF8OieQa8C-P5BfQO3QIG7OCeI2qPcdz9fgefx4Fgnj-aQM5rOwOySYC-HFp8EstwWzx5lg9oZ9C0L4IOjFIRwFey6FcJsllDvANTKU34SGCaHcBFmZofwZ-N0L5QBYEBbGKfDbljB-AuavwjgabMVhfG9_GPKFcVR9GMdClauJ6-CAm4mPwtjhJo4EjxgTe8PmZSb-J3SsMrHDaqxlmDgGrNtNXAT3vzfxU1hcYuJ00C-ZOAoG3jXxUGj83cStYH9o4hdwcaDOv8JqD503w_FgnWuBTTo7gq7rHAvJqTp_BEGFOr9TpPNIyDim80ZwP67zEOh_QmcvaL-rM_2us-dDnf0hFCJhE2RDOZwCpzadXWE4-MGsJzovhmIHM5fCjnlmjlpg5lhITzZzBixLMfMnwMvM7Ai7s81cCBVfmLkG6naa-RaszcU-cKwwswssqzbz8WYz_wT6KAtHgXrfwrPh60QL22DRIguvgeebLSy2WLjxkIXboHJtOF-AkpZwPgkTOkfwdBjfLYItcMw1gvv1jmBPSLJGcDJcPh3BtyGnVyTnQolLJB9ZGcmVsCkrkrPB-toELoLTXSZwDbRAO1T9NVeegxGJuTIYquajhqKkXHkUvs_MlUcg60iu_AwcK3JlPzh2K1eegLT7uXINXAi3yutQF2WVtyApwSqTwXmRVfaBhn1WuaDcKlPgXKVVftNglSWQfd0qIxqtcgp0PLZKhydWeQSq4ef-efIKRC7Pk9Ogry1PDoImsEPfA3nybYhzz5eJsM8rXx6ExqB82QoTo_PlDCjdni-r4OaZfHkHAl0KZB1chQy3ArkVKqYVyBqIeK9AToGJ2wrkVNj-oEDugM7uNtkHjkA1dIy3yeZFNnkfQpfbZAz4VtpkGNRV2-QtcDtjk4O1PdIPypz2yHOwcWyhnDuxUG4oL5TbwNm2V2bX7JWRN_fKaXDWp0j-Cu6hRXIEVP6jSFZD4sUiuQQ8nPfJ0WBaWywngWdFsRx3ar_s6di5uvlGaSfnG-UPdou-XWLnzF2UEJOekLJykGdCfFLa0pRU79QPUxLmxKfOT0hIS_VKTFm6JC1hSfxs35G-_iNH-_h4j_Sd_eGo_wO78bjr&build-label=editors.spreadsheets-frontend_20240611.02_p5&imp-sid=CMGg3eP58YYDFXPGSgAdvkoOiw&is-cached-offline=false"
pragma: no-cache
x-l2-request-path: l2-managed-6
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Reduced
server: GSE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ocsenmoi01.beco.vn
access-control-expose-headers: Cache-Control,Content-Disposition,Content-Encoding,Content-Length,Content-Type,Date,Expires,Pragma,Server,Transfer-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: Arlbm3aYP4F8jryBe5TXZ49CJDmGTgEpjkLwYKtvJpvg65pxTRq/0LtrY3S/FMwogUWu6GvOhoCX1WWtJ8wVXQkAAABpeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlVzZXJBZ2VudFJlZHVjdGlvbiIsImV4cGlyeSI6MTY1MDQxMjc5OSwiaXNTdWJkb21haW4iOnRydWV9,AlxirBMO0Zrt+/FCQwhfQxuhU2q8qQ0fZl/zRBr5aZucIdH3rN78FYx0ADbK45iRvhagIe2q1K4ypeVQ0cDMKgIAAAByeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IldlYkFzc2VtYmx5SlNTdHJpbmdCdWlsdGlucyIsImV4cGlyeSI6MTcxOTM1OTk5OSwiaXNTdWJkb21haW4iOnRydWV9
x-robots-tag: noindex, nofollow, nosnippet
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
a.ladipage.com/ 125 B
652 B 11ms
9ms XHR
text/plain 54.254.52.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1624614446103

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.254.52.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-254-52-7.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
LADI_CLIENT_ID: a3a78baa-d5b0-42db-4fc8-a33ec9d86632
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
Accept-Language: en-SG,en;q=0.9;q=0.9
LADI_CAMP_TYPE
sec-ch-ua-platform: "Win32"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://ocsenmoi01.beco.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1

Response headers

date: Sun, 23 Jun 2024 14:37:59 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 52ms
19ms Script
text/javascript 2404:6800:4003:c11::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1624614446103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5d Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:37:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 23 Jun 2024 14:37:59 GMT

GET
H2 200 notify.svg
w.ladicdn.com/source/ 2 KB
0 2ms
2ms Image
image/svg+xml 2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/source/notify.svg
Requested by: Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 04:31:22 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 3492397
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: QHjnqKZUgfHxAP7E1ZCd6yfBoJCppM8FfLkpeC5TSiID12bHQz5VyA==
expires: Wed, 14 May 2025 04:31:22 GMT

GET
H2 200 3649606338441281 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 408ms
407ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3649606338441281?v=2.9.158&r=stable&domain=ocsenmoi01.beco.vn&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7f44060ea415adae065aef20f880a43f0491cdc4363f9007d1b8ac2e13744a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 23 Jun 2024 14:37:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=60, mss=1297, tbw=63520, tp=-1, tpl=-1, uplat=403, ullat=0
pragma: public
x-fb-debug: 1A5KuVNSZYdDxkRYp9Cy7FWW71x8rOB/WVuYBIpATZAbOnCzmMuV9684Qkpf+rUDVyqQ6myYU0oUVM3E2YdauA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/876279190/ 3 KB
1 KB 22ms
13ms Script
text/javascript 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/876279190/?random=1719153479587&cv=11&fst=1719153479587&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9187493571za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Focsenmoi01.beco.vn%2F&hn=www.googleadservices.com&frm=0&tiba=M%E1%BB%B9%20Ph%E1%BA%A9m%20%E1%BB%90c%20S%C3%AAn%20Goodal%20H%C3%A0n%20Qu%E1%BB%91c&npa=0&pscdl=noapi&auid=839915945.1719153480&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-876279190

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

5cb09f65b5e903aec3cb6fa8da0771d35e871475c714f5ad3acf2e8ac657d62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 14:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/876279190/ 4 KB
2 KB 17ms
12ms Script
text/javascript 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/876279190/?random=1719153479608&cv=11&fst=1719153479608&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9187493571za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Focsenmoi01.beco.vn%2F&hn=www.googleadservices.com&frm=0&tiba=M%E1%BB%B9%20Ph%E1%BA%A9m%20%E1%BB%90c%20S%C3%AAn%20Goodal%20H%C3%A0n%20Qu%E1%BB%91c&npa=0&pscdl=noapi&auid=839915945.1719153480&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3DScrollDepth_25_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Docsenmoi01.beco.vn%2F%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-876279190

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

14e40ac198124381a5e0985e32db9025010af246089e3a9aa1e7b6d72a2da3f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 14:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1521
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/84314bef/www-widgetapi.vflset/ 24 KB
8 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c11::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5d Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 07:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8237
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 04:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Jun 2025 07:24:26 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/876279190/ 42 B
64 B 40ms
16ms Image
image/gif 74.125.68.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/876279190/?random=1719153479608&cv=11&fst=1719151200000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9187493571za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Focsenmoi01.beco.vn%2F&hn=www.googleadservices.com&frm=0&tiba=M%E1%BB%B9%20Ph%E1%BA%A9m%20%E1%BB%90c%20S%C3%AAn%20Goodal%20H%C3%A0n%20Qu%E1%BB%91c&npa=0&pscdl=noapi&auid=839915945.1719153480&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3DScrollDepth_25_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Docsenmoi01.beco.vn%2F%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL0pb63Falqaz1PPrEdviLYbcNBkJ7nA&random=131658013&rmt_tld=0&ipr=y

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 14:37:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/876279190/ 42 B
456 B 34ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/876279190/?random=1719153479608&cv=11&fst=1719151200000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9187493571za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Focsenmoi01.beco.vn%2F&hn=www.googleadservices.com&frm=0&tiba=M%E1%BB%B9%20Ph%E1%BA%A9m%20%E1%BB%90c%20S%C3%AAn%20Goodal%20H%C3%A0n%20Qu%E1%BB%91c&npa=0&pscdl=noapi&auid=839915945.1719153480&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3DScrollDepth_25_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Docsenmoi01.beco.vn%2F%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL0pb63Falqaz1PPrEdviLYbcNBkJ7nA&random=131658013&rmt_tld=1&ipr=y

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 14:37:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/876279190/ 42 B
64 B 32ms
10ms Image
image/gif 74.125.68.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/876279190/?random=1719153479587&cv=11&fst=1719151200000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9187493571za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Focsenmoi01.beco.vn%2F&hn=www.googleadservices.com&frm=0&tiba=M%E1%BB%B9%20Ph%E1%BA%A9m%20%E1%BB%90c%20S%C3%AAn%20Goodal%20H%C3%A0n%20Qu%E1%BB%91c&npa=0&pscdl=noapi&auid=839915945.1719153480&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLNhl6Uy6_J4qm6KRvLZYOPW0372sUgg&random=3092051056&rmt_tld=0&ipr=y

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 14:37:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/876279190/ 42 B
109 B 34ms
11ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/876279190/?random=1719153479587&cv=11&fst=1719151200000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9187493571za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Focsenmoi01.beco.vn%2F&hn=www.googleadservices.com&frm=0&tiba=M%E1%BB%B9%20Ph%E1%BA%A9m%20%E1%BB%90c%20S%C3%AAn%20Goodal%20H%C3%A0n%20Qu%E1%BB%91c&npa=0&pscdl=noapi&auid=839915945.1719153480&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLNhl6Uy6_J4qm6KRvLZYOPW0372sUgg&random=3092051056&rmt_tld=1&ipr=y

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 14:37:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0bEQ8XN1ijg
www.youtube.com/embed/ Frame B600 0
0 76ms
68ms Document
text/html 2404:6800:4003:c11::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/0bEQ8XN1ijg?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Focsenmoi01.beco.vn&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5d Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://ocsenmoi01.beco.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jun 2024 14:37:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2555368574787341 Show response
connect.facebook.net/signals/config/ 16 KB
3 KB 271ms
271ms Script
application/x-javascript 157.240.7.26
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2555368574787341?v=2.9.158&r=stable&domain=ocsenmoi01.beco.vn&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin6.fbcdn.net

Software

Resource Hash

856bf4a606af80be6513d6a49763050dfa580e7ddd338b5d94d9d323f18c3184

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 23 Jun 2024 14:38:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4328, tp=9, tpl=0, uplat=266, ullat=0
pragma: public
x-fb-debug: cnPAzvmGBZ/KW/e0bfH2uDy7bXz2QSPsa+XHef8mzORB77Q3fUcRaRN33Gm+GpTEHct+HiFyeJXnNVfdKfe0Aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 18ms
8ms Image
text/plain 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3649606338441281&ev=PageView&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480045&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=GET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2836, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Jun 2024 14:38:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3649606338441281&ev=PageView&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480045&sw=1600&sh=1200&v=2.9.158&r=sta...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D3649606338441281%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Focsenmoi01.b...

0
0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 17ms
7ms Image
text/plain 2a03:2880:f10c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3649606338441281&ev=ViewContent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480046&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=GET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2836, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Jun 2024 14:38:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3649606338441281&ev=ViewContent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480046&sw=1600&sh=1200&v=2.9.158&r=...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D3649606338441281%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Focsenmoi0...

0
0

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 14ms
13ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2555368574787341&ev=PageView&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480324&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=GET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4616, tp=11, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Jun 2024 14:38:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 234ms
232ms Image
image/png 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2555368574787341&ev=PageView&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480324&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=FGET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x75a0cf8b5b367386","source_keys":["1","2"]},{"key_piece":"0x230fd3daa65a6357","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 23 Jun 2024 14:38:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383707973918818755", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=24, mss=1232, tbw=5567, tp=24, tpl=0, uplat=222, ullat=0
pragma: no-cache
x-fb-debug: YonTQOP0sQE0denwgZ3rktWtpBU/u+seckYcYttjemLTnPrsRT+wstDzLweCWAFEofgfmSJ1oO2+humVwVQXSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383707973918818755"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 17ms
14ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3649606338441281&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480325&sw=1600&sh=1200&v=2.9.158&r=stable&ec=2&o=4126&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=GET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5176, tp=18, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Jun 2024 14:38:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 301ms
299ms Image
image/png 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3649606338441281&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480325&sw=1600&sh=1200&v=2.9.158&r=stable&ec=2&o=4126&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=FGET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9ae8bdbad2b7ed8a","source_keys":["1","2"]},{"key_piece":"0x89aadecb173576d5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 23 Jun 2024 14:38:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383707974490523793", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=28, mss=1232, tbw=10591, tp=30, tpl=0, uplat=287, ullat=0
pragma: no-cache
x-fb-debug: fJ3QYLuHz9vWE6SAHtlAPR0tXAeV0kEpU7xTAbKNlksEqqROyxRBVKkI5uzL85YMZvqWKkuuC12lknBP1NF9uA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383707974490523793"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 16ms
15ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2555368574787341&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480326&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4124&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=GET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5336, tp=20, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Jun 2024 14:38:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 234ms
232ms Image
image/png 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2555368574787341&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Focsenmoi01.beco.vn%2F&rl=&if=false&ts=1719153480326&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4124&fbp=fb.1.1719153480043.419318882208505039&ler=empty&cdl=API_unavailable&it=1719153479556&coo=false&rqm=FGET

Requested by

Host: ocsenmoi01.beco.vn
URL: https://ocsenmoi01.beco.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ocsenmoi01.beco.vn/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x181353e1613ef75b","source_keys":["1","2"]},{"key_piece":"0x1a6357726903c231","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 23 Jun 2024 14:38:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383707974666323682", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=24, mss=1232, tbw=9263, tp=27, tpl=0, uplat=221, ullat=0
pragma: no-cache
x-fb-debug: eeqLE9ghujmiydrr5IjUxEteP8TkwMZDk33tMHkZ+chdZaPHDZO79rr4JNHURtGJ2FKN6izntJ+aXBL8lHtu3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383707974666323682"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

goodal_1461894963-1551842106.png
w.ladicdn.com/59cba0db2b138379b150bf7a/
Redirect Chain

https://static.ladipage.net/59cba0db2b138379b150bf7a/goodal_1461894963-1551842106.png
https://w.ladicdn.com/59cba0db2b138379b150bf7a/goodal_1461894963-1551842106.png

15 KB
15 KB

140ms
140ms

Other
image/png

2600:9000:223b:2e00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/59cba0db2b138379b150bf7a/goodal_1461894963-1551842106.png
Protocol: H2
Server: 2600:9000:223b:2e00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 72779a5bfedd53105e0913c274d5db450b982c1e2114867414dcd8f94a622a44

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://ocsenmoi01.beco.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 23 Jun 2024 14:38:02 GMT
content-encoding: gzip
via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: B3ixe5M5Jv2xIlI5A4gNkGP0eCqbTS3yxLtMS4JXAQqZSKPklMn9eg==
expires: Mon, 23 Jun 2025 14:38:02 GMT

Redirect headers

location: https://w.ladicdn.com:443/59cba0db2b138379b150bf7a/goodal_1461894963-1551842106.png
date: Sun, 23 Jun 2024 14:38:02 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bytedance.com
URL: https://static.bytedance.com/pixel/sdk.js?sdkid=BO4DQGPELNR8ES2900U0

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D3649606338441281%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Focsenmoi01.beco.vn%252F%26rl%26if%3Dfalse%26ts%3D1719153480045%26sw%3D1600%26sh%3D1200%26v%3D2.9.158%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1719153480043.419318882208505039%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1719153479556%26coo%3Dfalse%26rqm%3DFGET

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D3649606338441281%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Focsenmoi01.beco.vn%252F%26rl%26if%3Dfalse%26ts%3D1719153480046%26sw%3D1600%26sh%3D1200%26v%3D2.9.158%26r%3Dstable%26ec%3D1%26o%3D4126%26fbp%3Dfb.1.1719153480043.419318882208505039%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1719153479556%26coo%3Dfalse%26rqm%3DFGET

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ocsenmoi01.beco.vn/	1970-01-21 07:08:33	Name: LADI_DNS_CHECK Value: "2024-06-23 14:37:59.084468712 +0000 UTC m=+737439.462027135"
ocsenmoi01.beco.vn/	1970-01-21 07:08:33	Name: LADI_CLIENT_ID Value: a3a78baa-d5b0-42db-4fc8-a33ec9d86632
ocsenmoi01.beco.vn/	1970-01-21 07:08:33	Name: LADI_FORM_SUBMIT Value: 0
ocsenmoi01.beco.vn/	1970-01-21 07:08:33	Name: LADI_PAGE_VIEW Value: 1
ocsenmoi01.beco.vn/	1970-01-20 21:33:59	Name: _timenow Value: 1719153479366
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: hkRftDn00hA
.youtube.com/	1970-01-21 01:51:45	Name: VISITOR_INFO1_LIVE Value: 5dE-Bb0G1tM
.youtube.com/	1970-01-21 01:51:45	Name: VISITOR_PRIVACY_METADATA Value: CgJTRxIEGgAgGA%3D%3D
.beco.vn/	1970-01-20 23:42:09	Name: _gcl_au Value: 1.1.839915945.1719153480
.doubleclick.net/	1970-01-20 21:32:34	Name: test_cookie Value: CheckForPermission
.beco.vn/	1970-01-20 23:42:09	Name: _fbp Value: fb.1.1719153480043.419318882208505039

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bytedance.com/pixel/sdk.js?sdkid=BO4DQGPELNR8ES2900U0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://img.youtube.com/vi/0bEQ8XN1ijg/hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js(Line 138) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
connect.facebook.net
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.youtube.com
ocsenmoi01.beco.vn
static.bytedance.com
static.ladipage.net
w.ladicdn.com
www.facebook.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.youtube.com
static.bytedance.com
www.facebook.com
13.228.81.39
157.240.7.26
157.240.7.35
18.140.111.49
2404:6800:4003:c01::61
2404:6800:4003:c01::64
2404:6800:4003:c04::5e
2404:6800:4003:c06::64
2404:6800:4003:c11::5d
2404:6800:4003:c1a::5e
2404:6800:4003:c1a::5f
2600:9000:223b:2e00:11:52e1:b680:93a1
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
54.254.52.7
74.125.68.147
74.125.68.155
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
14e40ac198124381a5e0985e32db9025010af246089e3a9aa1e7b6d72a2da3f9
170a0ed571f154ae7b333f3a5955707953ee9a0121b8331593321d27413a8b95
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
26dc91be43919872e42011b880765da195e6ecd0513e52a301af8053034f49ec
276f0c6a3be6e6b643aedf2288a78cb60ccca2c6022d42b4f1c4bee8c6fe631b
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
36bb31f75381db498d5d21a3483ab2988d45d09c8a36e58401a4290605883137
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
5c248a509f1aafd9c718b1b6e6d933e6c9ebd9451c60a249052eb83755fc9f60
5cb09f65b5e903aec3cb6fa8da0771d35e871475c714f5ad3acf2e8ac657d62c
6adcb027cf318eaf3981bc17c449deacb610690db5b3fdd131ac2b77fdc73280
72779a5bfedd53105e0913c274d5db450b982c1e2114867414dcd8f94a622a44
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
854bede5db9b251ab4165239c434f68488781fb31e0d8dcbdb24737d125c7ab7
856bf4a606af80be6513d6a49763050dfa580e7ddd338b5d94d9d323f18c3184
936fc8052f653309352caafd509016fe40dee08cef95ee693462ebd1c9173dfe
a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84
a7641aa821af19906f7b83ce72de741db3884614472a455dc82f8e0dd2355d60
a7f44060ea415adae065aef20f880a43f0491cdc4363f9007d1b8ac2e13744a6
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
cb54962d1330cc06c0feffbb12125c1771306e59dc67a2a8068ac5357c0d83fd
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
de5c6e6cadf59bc0cf86bbd0bda44cb5aec80b6d8e1e64ef2b5280ba7fe64fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

ocsenmoi01.beco.vn Open in urlscan Pro 13.228.81.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

89 %HTTPS

59 %IPv6

14 Domains

16 Subdomains

17 IPs

2 Countries

1248 kBTransfer

2550 kBSize

11 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ocsenmoi01.beco.vn Open in urlscan Pro
13.228.81.39 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

89 %
HTTPS

59 %
IPv6

14
Domains

16
Subdomains

17
IPs

2
Countries

1248 kB
Transfer

2550 kB
Size

11
Cookies

46 HTTP transactions
3 data transactions