gai1.buomngon.net Open in urlscan Pro
37.59.29.134 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gai1.buomngon.net/
Submission: On March 27 via api (March 27th 2024, 2:54:29 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 66 HTTP transactions. The main IP is 37.59.29.134, located in France and belongs to OVH, FR. The main domain is gai1.buomngon.net.
TLS certificate: Issued by R3 on March 25th 2024. Valid for: 3 months.

This is the only time gai1.buomngon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	37.59.29.134 37.59.29.134	16276 (OVH) (OVH)
1	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
18	2600:9000:269... 2600:9000:269f:4a00:11:52e1:b680:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:215... 2600:9000:215f:fc00:1e:4a65:6f00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	8.217.8.99 8.217.8.99	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
12	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::64	15169 (GOOGLE) (GOOGLE)
2	3.1.181.19 3.1.181.19	16509 (AMAZON-02) (AMAZON-02)
1 1	52.77.175.241 52.77.175.241	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20a... 2600:9000:20aa:e000:f:6577:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:269... 2600:9000:269f:7c00:16:41f9:b9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:215f:3c00:16:9386:7d40:93a1	() ()
66	13

1 37.59.29.134 (France)

ASN16276 (OVH, FR)
PTR: ns31623955.ip-37-59-29.eu

gai1.buomngon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:269f:4a00:11:52e1:b680:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:215f:fc00:1e:4a65:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.217.8.99 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

8.217.8.99	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.1.181.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-181-19.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.175.241 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-175-241.ap-southeast-1.compute.amazonaws.com

static.ladipage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20aa:e000:f:6577:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269f:7c00:16:41f9:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

srz.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215f:3c00:16:9386:7d40:93a1 (None, )

ASN- ()

msg.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	salesmartly.com assets.salesmartly.com — Cisco Umbrella Rank: 144396 api.salesmartly.com — Cisco Umbrella Rank: 137754 srz.salesmartly.com — Cisco Umbrella Rank: 150332 msg.salesmartly.com	524 KB
18	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 85508	5 MB
12	gstatic.com fonts.gstatic.com	191 KB
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 97022	651 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	300 B
1	ladipage.net 1 redirects static.ladipage.net — Cisco Umbrella Rank: 175699	128 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	100 KB
1	buomngon.net gai1.buomngon.net	31 KB
66	9

	Domain	Requested by
18	w.ladicdn.com	gai1.buomngon.net w.ladicdn.com
17	assets.salesmartly.com	gai1.buomngon.net assets.salesmartly.com
12	fonts.gstatic.com	fonts.googleapis.com
3	api.salesmartly.com	assets.salesmartly.com
2	msg.salesmartly.com	assets.salesmartly.com
2	a.ladipage.com	w.ladicdn.com
2	www.google-analytics.com	www.googletagmanager.com
1	srz.salesmartly.com	assets.salesmartly.com
1	static.ladipage.net	1 redirects
1	fonts.googleapis.com	gai1.buomngon.net
1	www.googletagmanager.com	gai1.buomngon.net
1	gai1.buomngon.net
66	12

This site contains links to these domains. Also see Links.

Domain
roses.bio

Subject Issuer	Validity	Valid
buomngon.net R3	`2024-03-25` - `2024-06-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.salesmartly.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-19`	a year	crt.sh
8.217.8.99 ZeroSSL ECC Domain Secure Site CA	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gai1.buomngon.net/
Frame ID: 905DD3AB0D1D7E3D9F950E86B1B78E04
Requests: 43 HTTP requests in this frame

Frame: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Frame ID: 8DC23E75D9FBD9B3A82108112F3C6526
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phố Đèn Đỏ - Nơi Tận Hưởng Thăng Hoa - Tải Ứng Dụng Phố Đèn Đỏ

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

66
Requests

95 %
HTTPS

69 %
IPv6

9
Domains

12
Subdomains

13
IPs

4
Countries

6026 kB
Transfer

7175 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://roses.bio/phodendo1
Title: THAM GIA NGAY

Search URL Search Domain Scan URL

URL: https://roses.bio/appviet
Title: TẢI APP BOOK GÁI

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://static.ladipage.net/652e3b5439ceaa00128d71ee/pho-den-do-png-20240201105220-01_fl.png HTTP 301
https://w.ladicdn.com/652e3b5439ceaa00128d71ee/pho-den-do-png-20240201105220-01_fl.png

66 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gai1.buomngon.net/ 135 KB
31 KB 616ms
297ms Document
text/html 37.59.29.134
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gai1.buomngon.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.59.29.134 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31623955.ip-37-59-29.eu

Software

nginx /

Resource Hash

f6488082a80930c30f3b7cb4780ee1e10253bb47d65395f32bc773d3664ad8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 14:54:20 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 208ms
94ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QYVZQGYYF5

Requested by

Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b754bc0875166679eb7296c332b52d61eb0a0597481d66311c2abd60458c547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 14:54:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 187ms
73ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Requested by

Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

861aa312a60f164de88163f47c184b6df0788b9880e783ecf38c5ea17c3553bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 14:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 14:54:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 14:54:21 GMT

GET
H2 200 ladipagev3.min.js Show response
w.ladicdn.com/v2/source/ 392 KB
93 KB 256ms
83ms Script
text/javascript 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1706761094034
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eb5d7f393011313b934b3b276aa97ea11b1c8e4c0b29320bd99348ff88aba927

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 09:47:13 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 18427
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: Umda6rP5ZPDIzzv0iroufayvKGuScEaCoCZNZZZ_DxW69L74MilPsA==
expires: Thu, 27 Mar 2025 09:47:13 GMT

GET
H2 200 project_16168_40025_1705988006.js Show response
assets.salesmartly.com/js/ 670 B
1 KB 258ms
69ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/js/project_16168_40025_1705988006.js
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: e3758063ebd96b6bc0d6de3786738c6d174eaa9b8bb94441dc88fd457e639b2c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 04:10:24 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600ED6043F9F83034BFA1D5
content-md5: +aPCyC9O1xf/JMQbU8S7Ng==
x-amz-cf-pop: YUL62-C2
age: 41110
x-cache: Hit from cloudfront
content-length: 670
x-oss-object-type: Normal
last-modified: Tue, 23 Jan 2024 05:33:26 GMT
server: AliyunOSS
etag: "F9A3C2C82F4ED717FF24C41B53C4BB36"
vary: Accept-Encoding
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5672097194865417508
x-amz-cf-id: bVxhcuaiws3oZ9S2eEJoZJnM4hmTTaY9aKV23CY6jS0ySWsi6ynNyA==
x-oss-server-time: 10

OPTIONS
H2 204 instatll
8.217.8.99/ Frame 0
0 1048ms
239ms Preflight 8.217.8.99
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://8.217.8.99/instatll?tag=Tdm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.217.8.99 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: cloudfront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gai1.buomngon.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST,PUT
access-control-allow-origin: *
date: Wed, 27 Mar 2024 14:54:21 GMT
server: cloudfront

OPTIONS
H2 204 instatll
8.217.8.99/ Frame 0
0 1041ms
241ms Preflight 8.217.8.99
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://8.217.8.99/instatll?tag=Tdm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.217.8.99 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: cloudfront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gai1.buomngon.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST,PUT
access-control-allow-origin: *
date: Wed, 27 Mar 2024 14:54:21 GMT
server: cloudfront

POST
H2 200 instatll Show response
8.217.8.99/ 11 B
177 B 251ms
248ms XHR
text/plain 8.217.8.99
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://8.217.8.99/instatll?tag=Tdm
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.217.8.99 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: cloudfront /
Resource Hash: 3b7c46ab3a12e6161756f55f8e7d39a87d2b9718e6d0f8abe0b97a87994f4b49

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 27 Mar 2024 14:54:22 GMT
server: cloudfront
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST,PUT
content-type: text/plain; charset=utf-8

POST
H2 200 instatll Show response
8.217.8.99/ 11 B
177 B 243ms
241ms XHR
text/plain 8.217.8.99
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://8.217.8.99/instatll?tag=Tdm
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.217.8.99 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: cloudfront /
Resource Hash: 3b7c46ab3a12e6161756f55f8e7d39a87d2b9718e6d0f8abe0b97a87994f4b49

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 27 Mar 2024 14:54:22 GMT
server: cloudfront
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST,PUT
content-type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 291 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51a5088fa8f78123b49b71794f7c273d1151bdd66d4713899ece26eabb5bcab3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bgdongtrunghathao-20200813044642.png
w.ladicdn.com/s1440x563/5c7362c6c417ab07e5196b05/ 1 MB
1 MB 251ms
217ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1440x563/5c7362c6c417ab07e5196b05/bgdongtrunghathao-20200813044642.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7be39ab700ff5e6d7e21ad126b8b09354f3022dc993af0de30768cc97ecbdf28

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Mar 2024 07:33:52 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 2272829
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 40CSO3fzvi1j3dRphACYS-OtAQr3Wae6aQYWQNjHBO4RWnU5SWvMRw==
expires: Sat, 01 Mar 2025 07:33:51 GMT

GET
H2 200 asset-2-20200813042417.png
w.ladicdn.com/s850x350/5c7362c6c417ab07e5196b05/ 3 KB
3 KB 449ms
417ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x350/5c7362c6c417ab07e5196b05/asset-2-20200813042417.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c0c7e48b0f3f0b8186227dac0053049b9d99438bafa752e7b815dd42168c309

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Jan 2024 12:37:57 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 6833784
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: PrQJe0ZM_o6jSgFLMsqEACYw42wZsXYCkl9V44Er_R6W2-g4-OnqOA==
expires: Tue, 07 Jan 2025 12:37:57 GMT

GET
H2 200 group-17-20240131141751-fvzfe.png
w.ladicdn.com/s550x550/652e3b5439ceaa00128d71ee/ 188 KB
189 KB 407ms
375ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x550/652e3b5439ceaa00128d71ee/group-17-20240131141751-fvzfe.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6b6e8661af24078ad314b0fda625c73cb874e4a62540ef665e9578a1d1c152

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 16:15:17 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 4747144
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: PupYg83vXX9HpwuunE9agtBWaQV4AGoVy1ShLyN1oFluxwgcCyAnAg==
expires: Fri, 31 Jan 2025 16:15:17 GMT

GET
H2 200 pho-den-do-20240131141824--j_ot.png
w.ladicdn.com/s750x400/652e3b5439ceaa00128d71ee/ 52 KB
52 KB 320ms
288ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s750x400/652e3b5439ceaa00128d71ee/pho-den-do-20240131141824--j_ot.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7aefd401bf58d87630ec0b6f555fa046776d852a58dc1fc278c962d05fae845e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 16:15:18 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 4747142
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: MXGbMS0Y23Oz7c-Llkg4r74Y0yx2cbfH5eZifVli-yhb8HasFOeMkg==
expires: Fri, 31 Jan 2025 16:15:18 GMT

GET
H2 200 1212-20240201075358-0k01e.png
w.ladicdn.com/s600x450/652e3b5439ceaa00128d71ee/ 105 KB
99 KB 450ms
419ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s600x450/652e3b5439ceaa00128d71ee/1212-20240201075358-0k01e.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d80bb67fd4154d2ce672bf90c007d9f916da57d919b09ca437121044820fee2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Mar 2024 07:33:52 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 2272829
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 6fAEMHgE0d0Weu3dtv6inP6sy-m6bKWPKSiXzoBxK7LKtGDvOrNuEA==
expires: Sat, 01 Mar 2025 07:33:52 GMT

GET
H2 200 untitled-1-20200814084236.png
w.ladicdn.com/s1440x904/5c7362c6c417ab07e5196b05/ 3 MB
3 MB 431ms
430ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1440x904/5c7362c6c417ab07e5196b05/untitled-1-20200814084236.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 75f15724e4dbd33aafe3b8469a9375299bc0e01f2bc69e35ffb9832ff735f6b8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Mar 2024 20:38:18 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 1188962
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: f5TO1HisEJzrfguL7YoIYPW5AoyvZ-YJPC4Wj017eN0aVenS09RCUg==
expires: Thu, 13 Mar 2025 20:38:18 GMT

GET
H2 200 cloud2-20200813093713.png
w.ladicdn.com/s650x500/5c7362c6c417ab07e5196b05/ 48 KB
47 KB 431ms
429ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s650x500/5c7362c6c417ab07e5196b05/cloud2-20200813093713.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff59645483458da6802d99d0410b57227d78a58ce752a56e360c1b7680a10977

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 16:15:18 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 4747143
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: AbMnH5X4nyNvwy5rnG4qH9d5P8_YXm3POvCQgnxGBYGt0gXcZC0dXg==
expires: Fri, 31 Jan 2025 16:15:18 GMT

GET
H2 200 cloud2-20200813093713.png
w.ladicdn.com/s850x650/5c7362c6c417ab07e5196b05/ 48 KB
47 KB 431ms
430ms Image
image/png 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x650/5c7362c6c417ab07e5196b05/cloud2-20200813093713.png
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff59645483458da6802d99d0410b57227d78a58ce752a56e360c1b7680a10977

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 16:15:18 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 4747143
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: dHNh9rT9pTLerR6huTB7bCzr9JQkj3cQlKmW1ritvQ2lzQA66PCfvw==
expires: Fri, 31 Jan 2025 16:15:18 GMT

GET
H2 200 asset-3-20200813095053.svg
w.ladicdn.com/5c7362c6c417ab07e5196b05/ 488 B
790 B 432ms
431ms Image
image/svg+xml 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/5c7362c6c417ab07e5196b05/asset-3-20200813095053.svg
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f266259c1214f89a3353dd1e13048eada1f7ce0a187e86b270d0aecb559d3d9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 16 Oct 2023 01:50:07 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 14130253
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: oBojJSZTmxuraaqtO882tI7PAJjvUu0euR-p60flMOmVZSwO8Elp8A==
expires: Tue, 15 Oct 2024 01:50:07 GMT

GET
H2 200 photo_2023-12-25_15-15-58-20231225081607-t9wxh.jpg
w.ladicdn.com/s550x650/652e3b5439ceaa00128d71ee/ 50 KB
51 KB 432ms
431ms Image
image/jpeg 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x650/652e3b5439ceaa00128d71ee/photo_2023-12-25_15-15-58-20231225081607-t9wxh.jpg
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 98c47fe999beca02ffcbc0fb76858e8136bc2b5f9ab73ca0bd94759b5b1eeb65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 21 Feb 2024 06:53:31 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 3052849
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: red7c-JnsySYi5SdxhYyPhjRYh4ooiWp6XcsfyDFh13MNj4MVRLAMA==
expires: Thu, 20 Feb 2025 06:53:31 GMT

GET
H2 200 photo_1_2023-09-11_16-27-23-20240201070733-nomxf.jpg
w.ladicdn.com/s650x750/652e3b5439ceaa00128d71ee/ 71 KB
72 KB 432ms
432ms Image
image/jpeg 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s650x750/652e3b5439ceaa00128d71ee/photo_1_2023-09-11_16-27-23-20240201070733-nomxf.jpg
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 82645173066592521bc79142ddec7bddae62553ac5a0e4d42ebf36dbb9c20c75

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 16:15:17 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 4747144
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: HGMPOwpoUc457mX2oiXxPRRCMOlvw2sVLx08pWfJS6enQNGDc2uZCA==
expires: Fri, 31 Jan 2025 16:15:17 GMT

GET
H2 200 70d05313-611d-47ec-af06-b466d4191608-20240201044800-feghz.jpg
w.ladicdn.com/s600x650/652e3b5439ceaa00128d71ee/ 73 KB
73 KB 433ms
432ms Image
image/jpeg 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s600x650/652e3b5439ceaa00128d71ee/70d05313-611d-47ec-af06-b466d4191608-20240201044800-feghz.jpg
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e38067199aa2e285d60f9f847f05f753853b518915aa86ca9f8fc976ac6d9a1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 21 Feb 2024 14:57:55 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 3023786
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 8A7bt_eW6z6WivXkKJS85n5UcSF1chtrsDWHDk1if6N6wxud5JtwIQ==
expires: Thu, 20 Feb 2025 14:57:55 GMT

GET
H2 200 photo_1_2023-09-11_16-27-49-20240201070736-6iz_h.jpg
w.ladicdn.com/s600x850/652e3b5439ceaa00128d71ee/ 75 KB
76 KB 433ms
432ms Image
image/jpeg 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s600x850/652e3b5439ceaa00128d71ee/photo_1_2023-09-11_16-27-49-20240201070736-6iz_h.jpg
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cebe4bb5fe7fb3faa21715693c5a80d7e1a97c1cc6f413c4f9363e73fe783abb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 07:24:48 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 2791773
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: J4YfkydhmONY-PYnoq4TR4mpAzHSZIRJvqfGdjQCzlIeNH5aqRyjPw==
expires: Sun, 23 Feb 2025 07:24:48 GMT

GET
H2 200 264127346_4581012028685428_4456778745546572181_n-20240201071047-deupp.jpg
w.ladicdn.com/s600x700/652e3b5439ceaa00128d71ee/ 68 KB
69 KB 433ms
433ms Image
image/jpeg 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s600x700/652e3b5439ceaa00128d71ee/264127346_4581012028685428_4456778745546572181_n-20240201071047-deupp.jpg
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0499ad780f6cfadffdd2ace04dc0a0a23ca278f34f09127108278464ae19f1c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 01 Feb 2024 16:15:47 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 4747113
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: iYSKl_oyitsH2e05RK6jyxMcLiLX-wwcssV_pc-IC8S6hW8G0wXZKw==
expires: Fri, 31 Jan 2025 16:15:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 261ms
113ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 06:53:24 GMT
x-content-type-options: nosniff
age: 28857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 06:53:24 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 198ms
50ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:51:53 GMT
x-content-type-options: nosniff
age: 25348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:51:53 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v34/ 20 KB
20 KB 286ms
141ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5c268299cdaa725aa32d248338b0e9beadc9808da1124720204bac9b215d018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:56:37 GMT
x-content-type-options: nosniff
age: 25064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20760
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:45:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:56:37 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v34/ 10 KB
10 KB 277ms
132ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c2a824cab9799116baa8f7a85c7ca062fd67d1ee7b9bc6338ef3bcdae31fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 18:35:21 GMT
x-content-type-options: nosniff
age: 505140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9872
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 02:24:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 18:35:21 GMT

GET
H2 200 yYLr0hTb3vuqqsBUgxWdwjHU.woff2
fonts.gstatic.com/s/bahianita/v21/ 24 KB
24 KB 303ms
165ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bahianita/v21/yYLr0hTb3vuqqsBUgxWdwjHU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dada0a3538ae11481b1b99af34aa0363075a707b29fe46343e6c33e4ef9dd21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 09:32:12 GMT
x-content-type-options: nosniff
age: 537729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24352
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:22:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 09:32:12 GMT

GET
H2 200 yYLr0hTb3vuqqsBUgxWdzDHU6NI.woff2
fonts.gstatic.com/s/bahianita/v21/ 26 KB
26 KB 320ms
182ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bahianita/v21/yYLr0hTb3vuqqsBUgxWdzDHU6NI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3ff17640392df16f49b78253fe56426e815512477f3b6dd23b202630fcc27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 04:05:04 GMT
x-content-type-options: nosniff
age: 298157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26996
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:22:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Mar 2025 04:05:04 GMT

GET
H2 200 yYLr0hTb3vuqqsBUgxWdzTHU6NI.woff2
fonts.gstatic.com/s/bahianita/v21/ 10 KB
11 KB 356ms
219ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bahianita/v21/yYLr0hTb3vuqqsBUgxWdzTHU6NI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57925ffc4ac4d80312e0363831593fbb066873b9e1590c14d466deb1db245637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 16:24:37 GMT
x-content-type-options: nosniff
age: 340184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10664
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:22:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Mar 2025 16:24:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 347ms
214ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 06:52:14 GMT
x-content-type-options: nosniff
age: 28927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 06:52:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 353ms
222ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 20:03:24 GMT
x-content-type-options: nosniff
age: 327057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Mar 2025 20:03:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 336ms
206ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:58:04 GMT
x-content-type-options: nosniff
age: 21377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:58:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 326ms
218ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 22:16:42 GMT
x-content-type-options: nosniff
age: 405459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Mar 2025 22:16:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 305ms
204ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Slab:wght@400;700&family=Bahianita&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 24 Mar 2024 20:17:45 GMT
x-content-type-options: nosniff
age: 239796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Mar 2025 20:17:45 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
246 B 225ms
67ms Ping
text/plain 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QYVZQGYYF5&gtm=45je43p0v9176090144za200&_p=1711551260911&gcd=13l3l3l3l1&npa=0&dma=0&cid=1870860288.1711551261&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711551261&sct=1&seg=0&dl=https%3A%2F%2Fgai1.buomngon.net%2F&dt=Ph%E1%BB%91%20%C4%90%C3%A8n%20%C4%90%E1%BB%8F%20-%20N%C6%A1i%20T%E1%BA%ADn%20H%C6%B0%E1%BB%9Fng%20Th%C4%83ng%20Hoa%20-%20T%E1%BA%A3i%20%E1%BB%A8ng%20D%E1%BB%A5ng%20Ph%E1%BB%91%20%C4%90%C3%A8n%20%C4%90%E1%BB%8F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1187
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QYVZQGYYF5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 14:54:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gai1.buomngon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 869ms
276ms Preflight
application/json 3.1.181.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.181.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-181-19.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://gai1.buomngon.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 27 Mar 2024 14:54:22 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ladipage.formdata.min.js Show response
w.ladicdn.com/v2/source/ 55 KB
15 KB 180ms
178ms Script
text/javascript 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1706761094034
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1706761094034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ab77dbab9f51522acc5b96de0786caed339456626323bd1231f377781198b2c8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 09:47:15 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 18425
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: IKDd2fNDtc_43zGSm73GviKFiPcz1Ph5AxMGSd1vx8NwoeZdT1d5XQ==
expires: Thu, 27 Mar 2025 09:47:15 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 125 B
651 B 292ms
292ms XHR
text/plain 3.1.181.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1706761094034

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.181.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-181-19.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e063566e797cac66b08f1781227f5ed7f4f3ecb2553f3b497c2a60ea1677ad17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
LADI_CLIENT_ID
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
accept-language: en-US,en;q=0.9
LADI_CAMP_TYPE
sec-ch-ua-platform: "Win32"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://gai1.buomngon.net/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 0

Response headers

date: Wed, 27 Mar 2024 14:54:22 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 install.js Show response
assets.salesmartly.com/chat/widget/code/ 18 KB
7 KB 76ms
75ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/install.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/js/project_16168_40025_1705988006.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 4420149cf12d2176ce6c7f6a8c914a835e69445225d1831eca87485f44f2e304

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:48:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66042CFC43F9F83136844120
content-md5: sLe80iFGBElB818KtVju8w==
x-amz-cf-pop: YUL62-C2
age: 369
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Wed, 27 Mar 2024 08:38:21 GMT
server: AliyunOSS
etag: "B0B7BCD22146044941F35F0AB558EEF3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 14170088604665390195
x-amz-cf-id: lMXrD1AhTzUzPxvcLmsfG68AS58TdR9UV3YFK3tTkR7RTppT6kFg5w==
x-oss-server-time: 5

GET
H2 200 chunk-common.4a8deadd.css
assets.salesmartly.com/chat/widget/code/css/ Frame 8DC2 3 KB
2 KB 79ms
73ms Stylesheet
text/css 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 287d0fff479c78312e352fb87181ad387ffd1e9854db9df31c1c1dd79644bc81

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9CE702E23136BDE830
content-md5: bgqyeofbfIR/iuO40kb6Mw==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 7907146063831177720
x-amz-cf-id: SWhJTfYyuAyIM53ylHiASFfDcieC0maZZmkIzk_OvKzZOO5pyfR2Ug==
x-oss-server-time: 46

GET
H2 200 plugin.3fc0e99c.css
assets.salesmartly.com/chat/widget/code/css/ Frame 8DC2 59 KB
12 KB 119ms
113ms Stylesheet
text/css 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/css/plugin.3fc0e99c.css
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 12b37847362d8c35c07b0c3a135dff60e3507e866a4ee90e49922c1aa20c879c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9C7859E432337B7832
content-md5: kUee8qqKG9181QPSCwCgIg==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2454226662703837493
x-amz-cf-id: 6TSJ2ES1HPQe12kl0hNlqtRljXnSl5NdkOZi0HfXkX4Xr5Etd9BxVw==
x-oss-server-time: 143

GET
H2 200 chunk-common.1269776e.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame 8DC2 18 KB
6 KB 178ms
172ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/chunk-common.1269776e.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: f44c21e8f5bf1ce4d09f55b47c9b0d3f3cff5453f21a08855f1b6651c10251f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:48:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6603DD4C81BDAB363097A8E2
content-md5: 2mJchFhz28LmuokZt6+TYA==
x-amz-cf-pop: YUL62-C2
age: 21969
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Wed, 27 Mar 2024 08:38:21 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 1916746420755109636
x-amz-cf-id: RhvcAkoctPOuOkiWmOneOli46vIv-9ONzfmmV1YepPbs68UJ7e8nBA==
x-oss-server-time: 30

GET
H2 200 chunk-vendors.0877c208.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame 8DC2 179 KB
62 KB 178ms
173ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/chunk-vendors.0877c208.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: de5f4949d34c123186b26e7b16ac7a76408e677e00380b2366b3f6553061594e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9C7859E43330747832
content-md5: ST8+i9YFm7sXjYsqRD8X5g==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 687972137012933462
x-amz-cf-id: Kezh08dK9zzbzHEKcXHTvuVK79ajoSx6ZKGohO0S89Q5JqMGqZVn9A==
x-oss-server-time: 77

GET
H2 200 vendor1_fd8e7641.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame 8DC2 220 KB
77 KB 271ms
266ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9C400584323329DEE3
content-md5: YOHCRGf6GIUU2shKUsykFw==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9671956606219813729
x-amz-cf-id: 2O5oh-BG27Z9PN6PigzvpbfePHRCEhWvTgsP40OU_dzPqT845ce1XQ==
x-oss-server-time: 67

GET
H2 206 ling.mp3
assets.salesmartly.com/sounds/ 46 KB
47 KB 309ms
308ms Media
audio/mpeg 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/sounds/ling.mp3
Requested by: Host: gai1.buomngon.net
URL: https://gai1.buomngon.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://gai1.buomngon.net/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:12 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9C99AE8232319E4468
content-md5: EGX+l2/56Y1pdy/g8Ne4CA==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
Content-Range: bytes 0-47222/47223
Content-Length: 47223
x-oss-object-type: Normal
last-modified: Thu, 11 Jan 2024 09:22:49 GMT
server: AliyunOSS
etag: "1065FE976FF9E98D69772FE0F0D7B808"
content-type: audio/mpeg
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11462808412005883106
x-amz-cf-id: DH3PcoDliaJRUGJ1zX-IkwHEYKFsHybKT3YBPFwZIcHyODtOlTqyEA==
x-oss-server-time: 35

GET
H2 200 plugin.5df3562e.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame 8DC2 234 KB
69 KB 89ms
69ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/plugin.5df3562e.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: cd73853761675c6f0edb57fb193b8fd43c4d958b246cc04b636ccfe16155cfa1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:12 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9CE9CC4C34395AB5F9
content-md5: 1XwpvjN3VKe9dxsvqX1bEA==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9381179092442138069
x-amz-cf-id: QlCTZxxFuAbCkKooUHP7SykvIiMDXAvDPooVnpJ8cXIAYK2vbBGwfg==
x-oss-server-time: 60

GET
H2

200

pho-den-do-png-20240201105220-01_fl.png
w.ladicdn.com/652e3b5439ceaa00128d71ee/
Redirect Chain

https://static.ladipage.net/652e3b5439ceaa00128d71ee/pho-den-do-png-20240201105220-01_fl.png
https://w.ladicdn.com/652e3b5439ceaa00128d71ee/pho-den-do-png-20240201105220-01_fl.png

374 KB
375 KB

83ms
81ms

Other
image/png

2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/652e3b5439ceaa00128d71ee/pho-den-do-png-20240201105220-01_fl.png
Protocol: H2
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5125b87d4cb33f42b3af7d2c11e16317fe15cf9cf6733350bd3c00e61e4be895

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gai1.buomngon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 14:58:00 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 3023781
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: nom-gGWnBv8g9gNAuFck9DIwOq_3-rxuBIpC4h2RXmVoOhM2GRhbdg==
expires: Thu, 20 Feb 2025 14:58:00 GMT

Redirect headers

location: https://w.ladicdn.com:443/652e3b5439ceaa00128d71ee/pho-den-do-png-20240201105220-01_fl.png
date: Wed, 27 Mar 2024 14:54:22 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 get-plugin-info Show response
api.salesmartly.com/sys/company/plugin/ Frame 8DC2 3 KB
4 KB 520ms
313ms XHR
application/json 2600:9000:20aa:e000:f:6577:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=055a62d809afd0a991c1fa1a43cde7ba&plugin_id=fwvy25&over_time=&env=chat&_=1711551262085&_lt=&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:e000:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 4998621338284156d0374a80dcf8dc6fc00b7584bcd85139304fcaa3ab0622cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:22 GMT
via: 1.1 bc60bbe1d8a8b7017a4f9b63ff273dec.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gai1.buomngon.net
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: eGfVeBY305cO1BFx7KtgYuesmkULPhnKmyWXsKgjGpcEx4aK6JZidg==

POST
H2 200 log Show response
srz.salesmartly.com/client/log/ Frame 8DC2 47 B
519 B 1022ms
575ms XHR
application/json 2600:9000:269f:7c00:16:41f9:b9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srz.salesmartly.com/client/log/log?plugin_sign=b86c50cea7284f1cf6fe28c299401671&plugin_id=fwvy25&over_time=&env=chat&_=1711551262095&_lt=&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:7c00:16:41f9:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:22 GMT
via: 1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gai1.buomngon.net
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: TjKf7XnoOIq0C3ohgNH7XcYDA-OJ-XLJgQJvm3ASDS4iDcisbBPIBw==

GET
H2 200 import-lang-vn.325281f3.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame 8DC2 3 KB
2 KB 69ms
69ms Script
application/javascript 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/import-lang-vn.325281f3.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/plugin.5df3562e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 4c38f703b7d024155b2b74a328c7de521d3af32490a9fd9c6b0109ff95d8518c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:13 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 6600EA9DEE88453337A44721
content-md5: mAwEF08xycPUOG44S8Jo4g==
x-amz-cf-pop: YUL62-C2
age: 215169
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 14166297160475978239
x-amz-cf-id: UKikVOlucX5FOCdKONjN-7gVoO5cJJzlBhb0NK6A75v2OpQJ5U1TwA==
x-oss-server-time: 52

GET
H2 200 21%20(4).jpg
assets.salesmartly.com/pro/setting/avatar/24841/20240304/1709559506202/ Frame 8DC2 43 KB
44 KB 73ms
72ms Image
image/jpeg 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.salesmartly.com/pro/setting/avatar/24841/20240304/1709559506202/21%20(4).jpg?x-oss-process=image/resize,m_fill,h_120,w_120
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 1831b3e7e1ed4b51e9b4c270ae358129172638b0c82fe23133b24ef906c4c1fe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:10:19 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66010F6B43F9F83138CEB2CB
content-md5: jRxxdbnTRHf4JUdzS5edzg==
x-amz-cf-pop: YUL62-C2
age: 32763
x-cache: Hit from cloudfront
content-length: 44051
x-oss-object-type: Normal
last-modified: Mon, 04 Mar 2024 13:38:27 GMT
server: AliyunOSS
etag: "8D1C7175B9D34477F82547734B979DCE"
vary: Accept-Encoding
content-type: image/jpeg
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 6628085230062599568
x-amz-cf-id: 7XFMYRggwR8_Og5jS0AzcK6z27RRKnxCXpyLm5MSDe668o2shojeBA==
x-oss-server-time: 20

GET
H2 200 img_kf_kf01.png
assets.salesmartly.com/pro/setting/chat/icon/24841/20240123/1705988303497/ Frame 8DC2 10 KB
10 KB 73ms
72ms Image
image/png 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.salesmartly.com/pro/setting/chat/icon/24841/20240123/1705988303497/img_kf_kf01.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b6a7614ed3a0ef47750db210635d0f4cdff551a046be76d7d2c76f985d6915d2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:10:19 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66010AEABEB4E1393220FDAC
content-md5: Sz5ZlmzX4HNQ/1wCsMTV3w==
x-amz-cf-pop: YUL62-C2
age: 34093
x-cache: Hit from cloudfront
content-length: 9942
x-oss-object-type: Normal
last-modified: Tue, 23 Jan 2024 05:38:24 GMT
server: AliyunOSS
etag: "4B3E59966CD7E07350FF5C02B0C4D5DF"
vary: Accept-Encoding
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 592385651881949145
x-amz-cf-id: GX_wVGmbZ45U3IjkpaVVSPKa21D-zXvg2Qeax1EzEWGseOXi-8LTxw==
x-oss-server-time: 69

GET
H2 200 img_kf_kf01.png
assets.salesmartly.com/pro/setting/chat/icon/24841/20240123/1705988306496/ Frame 8DC2 10 KB
10 KB 73ms
73ms Image
image/png 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.salesmartly.com/pro/setting/chat/icon/24841/20240123/1705988306496/img_kf_kf01.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b6a7614ed3a0ef47750db210635d0f4cdff551a046be76d7d2c76f985d6915d2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:10:19 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66010AEACB36F93839164245
content-md5: Sz5ZlmzX4HNQ/1wCsMTV3w==
x-amz-cf-pop: YUL62-C2
age: 34075
x-cache: Hit from cloudfront
content-length: 9942
x-oss-object-type: Normal
last-modified: Tue, 23 Jan 2024 05:38:26 GMT
server: AliyunOSS
etag: "4B3E59966CD7E07350FF5C02B0C4D5DF"
vary: Accept-Encoding
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 592385651881949145
x-amz-cf-id: o7X3Dd2wuusCEbEHjhO7GY7j2I0JJQPGmji1Y1Q8wXxwgXjcgdZssw==
x-oss-server-time: 36

POST
H2 200 create-user Show response
api.salesmartly.com/chat/msg-user/ Frame 8DC2 157 B
627 B 588ms
588ms XHR
application/json 2600:9000:20aa:e000:f:6577:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.salesmartly.com/chat/msg-user/create-user?plugin_sign=50972f741222ec37c87561dcf048f4b2&plugin_id=fwvy25&over_time=&env=chat&_=1711551262664&_lt=&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:e000:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 72750d7b2f9e5872129cdca50c9204c42d0c4d6e301a911fdd269f1bad9609a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:23 GMT
via: 1.1 bc60bbe1d8a8b7017a4f9b63ff273dec.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gai1.buomngon.net
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: NgbbAaR7A8MZjp9MTujpVq96mhLirwLiMmJCOXsO97ASMolwAE4qgw==

GET iconfont.faf88971.woff2
assets.salesmartly.com/chat/widget/code/fonts/ Frame 8DC2 0
0

GET iconfont.8353756c.woff
assets.salesmartly.com/chat/widget/code/fonts/ Frame 8DC2 0
0

GET
H2 200 iconfont.6db852ff.ttf
assets.salesmartly.com/chat/widget/code/fonts/ Frame 8DC2 13 KB
9 KB 79ms
79ms Font
font/ttf 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.6db852ff.ttf
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 9bf7d4c00582988655ee3f4416493375f183d1c192ceae6100beaf8c0ded031f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Origin: https://gai1.buomngon.net
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 03:08:21 GMT
content-encoding: br
via: 1.1 b6989f0f2e150081d90f4c11e6692d3e.cloudfront.net (CloudFront)
x-oss-request-id: 6600EAA52319383138E192D2
content-md5: bbhS/170Mut1Lqp58zrz6Q==
x-amz-cf-pop: YUL62-C2
age: 215161
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 18 Mar 2024 09:25:50 GMT
server: AliyunOSS
etag: W/"6DB852FF5EF432EB752EAA79F33AF3E9"
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12903521378667320147
vary: Accept-Encoding
x-amz-cf-id: AvL3Xyhk5pRPIOoar_XmBprdAtEq7Y1fOjynoiGxnmfH0S5S0g4edw==
x-oss-server-time: 2

POST
H2 200 log Show response
api.salesmartly.com/client/station/ Frame 8DC2 87 B
687 B 305ms
305ms XHR
application/json 2600:9000:20aa:e000:f:6577:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.salesmartly.com/client/station/log?plugin_sign=d35750beee91256915b731cd51cffe3b&plugin_id=fwvy25&over_time=&env=chat&_=1711551263756&_lt=a56e179e0386a933d24a5012fb14eb04&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:e000:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 071b9bc9bb56795241af50c90bda8fb31b4074923bce7e2d3ab5f3c36133bd5e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:23 GMT
via: 1.1 bc60bbe1d8a8b7017a4f9b63ff273dec.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gai1.buomngon.net
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: wCorFR8XOoqPQe3X4Q_B8QGMO3UPE8deTZxaJZM59AD612-IXJCRQg==

GET
H2 200 ladipage.svg
w.ladicdn.com/source/v3/by/ 12 KB
5 KB 72ms
71ms Image
image/svg+xml 2600:9000:269f:4a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/source/v3/by/ladipage.svg?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:4a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 628302bae3cba02607d2fefa6eaf3d0549c0c8ab9f41bd171d74f3757826b6bf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 16 Oct 2023 01:25:35 GMT
content-encoding: gzip
via: 1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
age: 14131730
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: falYe2mVEOw6dmdF6ozlPFiWNyJPYMz1JHIZwQ_ULrh6pBCO66e5JQ==
expires: Tue, 15 Oct 2024 01:25:35 GMT

POST
H2 200 trigger Show response
msg.salesmartly.com/chat/chat-auto/user/ Frame 8DC2 2 KB
1 KB 1413ms
1225ms XHR
application/json 2600:9000:215f:3c00:16:9386:7d40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=a56e179e0386a933d24a5012fb14eb04&chat_user_id=0f744548e2ba1038c28f578d125fea7b&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=fwvy25&over_time=&env=chat&_=1711551266255&_lt=a56e179e0386a933d24a5012fb14eb04&_u=53cd0de029de794d9f4df9bc65ae552e
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:3c00:16:9386:7d40:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccd41b70e7ef22c14c4221a0279c4d928dc2a1084dc74d03a988f64c0fa0bbb1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:27 GMT
content-encoding: gzip
via: 1.1 43334f58904cd7106ee523ee0361b402.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://gai1.buomngon.net
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept
content-length: 924
x-amz-cf-id: khMLzO_BhRDYWzS3w04HTAbOHmaCeMvgjHWRxY0Khy6ZgO5Lly9S5w==

GET
H2 200 unread-msg-list Show response
msg.salesmartly.com/chat/chat-msg/ Frame 8DC2 66 B
501 B 880ms
693ms XHR
application/json 2600:9000:215f:3c00:16:9386:7d40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://msg.salesmartly.com/chat/chat-msg/unread-msg-list?login_token=a56e179e0386a933d24a5012fb14eb04&chat_user_id=0f744548e2ba1038c28f578d125fea7b&plugin_id=fwvy25&over_time=&env=chat&_=1711551266256&_lt=a56e179e0386a933d24a5012fb14eb04&_u=53cd0de029de794d9f4df9bc65ae552e
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:3c00:16:9386:7d40:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 14:54:26 GMT
content-encoding: gzip
via: 1.1 43334f58904cd7106ee523ee0361b402.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://gai1.buomngon.net
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept
content-length: 82
x-amz-cf-id: XyeLwG3hebJGhRVc9FrYLIaPGcqIWd-p-SpdtK0H0pSjDYAHeSJUOA==

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 61ms
60ms Ping
text/plain 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QYVZQGYYF5&gtm=45je43p0v9176090144za200&_p=1711551260911&gcd=13l3l3l3l1&npa=0&dma=0&cid=1870860288.1711551261&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1711551261&sct=1&seg=0&dl=https%3A%2F%2Fgai1.buomngon.net%2F&dt=Ph%E1%BB%91%20%C4%90%C3%A8n%20%C4%90%E1%BB%8F%20-%20N%C6%A1i%20T%E1%BA%ADn%20H%C6%B0%E1%BB%9Fng%20Th%C4%83ng%20Hoa%20-%20T%E1%BA%A3i%20%E1%BB%A8ng%20D%E1%BB%A5ng%20Ph%E1%BB%91%20%C4%90%C3%A8n%20%C4%90%E1%BB%8F&en=ScrollDepth_100_percent&_ee=1&ep.event_category=LadiPageScrollDepth&ep.event_label=gai1.buomngon.net%2F&ep.non_interaction=true&_et=51&tfd=6258
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QYVZQGYYF5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gai1.buomngon.net/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 14:54:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gai1.buomngon.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21%20(4).jpg
assets.salesmartly.com/pro/setting/avatar/24841/20240304/1709559512500/ Frame 8DC2 43 KB
44 KB 74ms
74ms Image
image/jpeg 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.salesmartly.com/pro/setting/avatar/24841/20240304/1709559512500/21%20(4).jpg?x-oss-process=image/resize,m_fill,h_80,w_80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 1831b3e7e1ed4b51e9b4c270ae358129172638b0c82fe23133b24ef906c4c1fe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:10:24 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66010ADD7859E433324A941B
content-md5: jRxxdbnTRHf4JUdzS5edzg==
x-amz-cf-pop: YUL62-C2
age: 30042
x-cache: Hit from cloudfront
content-length: 44051
x-oss-object-type: Normal
last-modified: Mon, 04 Mar 2024 13:38:32 GMT
server: AliyunOSS
etag: "8D1C7175B9D34477F82547734B979DCE"
vary: Accept-Encoding
content-type: image/jpeg
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 6628085230062599568
x-amz-cf-id: r_l_QiOCWYGioo0pSoiabe2QrPvFKiWRe3DsPFEEnqFDGDcXEMfivQ==
x-oss-server-time: 57

GET
H2 200 351279192_23854414285890026_5710850352092192107_n.jpg
assets.salesmartly.com/pro/flow/24841/20240123/1705997811385/ Frame 8DC2 58 KB
59 KB 73ms
73ms Image
image/jpeg 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.salesmartly.com/pro/flow/24841/20240123/1705997811385/351279192_23854414285890026_5710850352092192107_n.jpg?x-oss-process=image/resize,w_100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 485971989fb2e6cdc1c1314d4e0e68d10fccccfe2f230ab3ec1ee6a90ca5ee0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:10:24 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66010B45048FEF32344473F2
content-md5: 0AEGpxW5HTvk/CJnS5ZpFQ==
x-amz-cf-pop: YUL62-C2
age: 33935
x-cache: Hit from cloudfront
content-length: 59405
x-oss-object-type: Normal
last-modified: Tue, 23 Jan 2024 08:16:51 GMT
server: AliyunOSS
etag: "D00106A715B91D3BE4FC22674B966915"
vary: Accept-Encoding
content-type: image/jpeg
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5467322379694234862
x-amz-cf-id: 5P07U-214k8PxEoaokaJMmwatiRqp0KHuqWOJtmnt-lO1uZhqv1sAA==
x-oss-server-time: 193

GET
H2 200 351279192_23854414285890026_5710850352092192107_n.jpg
assets.salesmartly.com/pro/flow/24841/20240123/1705997811385/ Frame 8DC2 58 KB
59 KB 100ms
100ms Image
image/jpeg 2600:9000:215f:fc00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.salesmartly.com/pro/flow/24841/20240123/1705997811385/351279192_23854414285890026_5710850352092192107_n.jpg?x-oss-process=image/resize,h_100,w_100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:fc00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 485971989fb2e6cdc1c1314d4e0e68d10fccccfe2f230ab3ec1ee6a90ca5ee0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 12:10:24 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-oss-request-id: 66010B45048FEF32344473F2
content-md5: 0AEGpxW5HTvk/CJnS5ZpFQ==
x-amz-cf-pop: YUL62-C2
age: 33935
x-cache: Hit from cloudfront
content-length: 59405
x-oss-object-type: Normal
last-modified: Tue, 23 Jan 2024 08:16:51 GMT
server: AliyunOSS
etag: "D00106A715B91D3BE4FC22674B966915"
vary: Accept-Encoding
content-type: image/jpeg
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5467322379694234862
x-amz-cf-id: 4Yy9Tz6gfV2dHqlIvOVAknmuleltyQ3SmAM5BxkkoH9jweYQOB3wdg==
x-oss-server-time: 193

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.faf88971.woff2

Domain: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.8353756c.woff

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buomngon.net/	1970-01-21 05:01:51	Name: _ga Value: GA1.1.1870860288.1711551261
gai1.buomngon.net/	1970-01-20 19:27:17	Name: _timenow Value: 1711551261301
gai1.buomngon.net/	1970-01-21 04:11:27	Name: LADI_UNIQUE_ID Value: a6692a57-e55b-4c3a-b655-bb53afb9a43a
.buomngon.net/	1970-01-21 05:01:51	Name: _ga_QYVZQGYYF5 Value: GS1.1.1711551261.1.0.1711551261.0.0.0
.salesmartly.com/	1970-01-21 04:11:27	Name: ss_uid Value: 53cd0de029de794d9f4df9bc65ae552e
gai1.buomngon.net/	1970-01-21 04:11:27	Name: _ss_s_uid Value: 53cd0de029de794d9f4df9bc65ae552e

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: about:blank Message: Access to font at 'https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.faf88971.woff2' from origin 'https://gai1.buomngon.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.faf88971.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: about:blank Message: Access to font at 'https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.8353756c.woff' from origin 'https://gai1.buomngon.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.8353756c.woff Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://gai1.buomngon.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gai1.buomngon.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gai1.buomngon.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gai1.buomngon.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gai1.buomngon.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gai1.buomngon.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
api.salesmartly.com
assets.salesmartly.com
fonts.googleapis.com
fonts.gstatic.com
gai1.buomngon.net
msg.salesmartly.com
srz.salesmartly.com
static.ladipage.net
w.ladicdn.com
www.google-analytics.com
www.googletagmanager.com
assets.salesmartly.com
2600:9000:20aa:e000:f:6577:d340:93a1
2600:9000:215f:3c00:16:9386:7d40:93a1
2600:9000:215f:fc00:1e:4a65:6f00:93a1
2600:9000:269f:4a00:11:52e1:b680:93a1
2600:9000:269f:7c00:16:41f9:b9c0:93a1
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::64
3.1.181.19
37.59.29.134
52.77.175.241
8.217.8.99
0499ad780f6cfadffdd2ace04dc0a0a23ca278f34f09127108278464ae19f1c5
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
071b9bc9bb56795241af50c90bda8fb31b4074923bce7e2d3ab5f3c36133bd5e
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
12b37847362d8c35c07b0c3a135dff60e3507e866a4ee90e49922c1aa20c879c
1831b3e7e1ed4b51e9b4c270ae358129172638b0c82fe23133b24ef906c4c1fe
1a3ff17640392df16f49b78253fe56426e815512477f3b6dd23b202630fcc27b
1c0c7e48b0f3f0b8186227dac0053049b9d99438bafa752e7b815dd42168c309
287d0fff479c78312e352fb87181ad387ffd1e9854db9df31c1c1dd79644bc81
2d80bb67fd4154d2ce672bf90c007d9f916da57d919b09ca437121044820fee2
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983
3b754bc0875166679eb7296c332b52d61eb0a0597481d66311c2abd60458c547
3b7c46ab3a12e6161756f55f8e7d39a87d2b9718e6d0f8abe0b97a87994f4b49
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3dada0a3538ae11481b1b99af34aa0363075a707b29fe46343e6c33e4ef9dd21
4420149cf12d2176ce6c7f6a8c914a835e69445225d1831eca87485f44f2e304
485971989fb2e6cdc1c1314d4e0e68d10fccccfe2f230ab3ec1ee6a90ca5ee0b
4998621338284156d0374a80dcf8dc6fc00b7584bcd85139304fcaa3ab0622cc
4c2a824cab9799116baa8f7a85c7ca062fd67d1ee7b9bc6338ef3bcdae31fc16
4c38f703b7d024155b2b74a328c7de521d3af32490a9fd9c6b0109ff95d8518c
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
5125b87d4cb33f42b3af7d2c11e16317fe15cf9cf6733350bd3c00e61e4be895
51a5088fa8f78123b49b71794f7c273d1151bdd66d4713899ece26eabb5bcab3
57925ffc4ac4d80312e0363831593fbb066873b9e1590c14d466deb1db245637
628302bae3cba02607d2fefa6eaf3d0549c0c8ab9f41bd171d74f3757826b6bf
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c
72750d7b2f9e5872129cdca50c9204c42d0c4d6e301a911fdd269f1bad9609a5
75f15724e4dbd33aafe3b8469a9375299bc0e01f2bc69e35ffb9832ff735f6b8
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7aefd401bf58d87630ec0b6f555fa046776d852a58dc1fc278c962d05fae845e
7be39ab700ff5e6d7e21ad126b8b09354f3022dc993af0de30768cc97ecbdf28
7e38067199aa2e285d60f9f847f05f753853b518915aa86ca9f8fc976ac6d9a1
82645173066592521bc79142ddec7bddae62553ac5a0e4d42ebf36dbb9c20c75
861aa312a60f164de88163f47c184b6df0788b9880e783ecf38c5ea17c3553bd
98c47fe999beca02ffcbc0fb76858e8136bc2b5f9ab73ca0bd94759b5b1eeb65
9bf7d4c00582988655ee3f4416493375f183d1c192ceae6100beaf8c0ded031f
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
ab77dbab9f51522acc5b96de0786caed339456626323bd1231f377781198b2c8
b6a7614ed3a0ef47750db210635d0f4cdff551a046be76d7d2c76f985d6915d2
c5c268299cdaa725aa32d248338b0e9beadc9808da1124720204bac9b215d018
ccd41b70e7ef22c14c4221a0279c4d928dc2a1084dc74d03a988f64c0fa0bbb1
cd73853761675c6f0edb57fb193b8fd43c4d958b246cc04b636ccfe16155cfa1
cebe4bb5fe7fb3faa21715693c5a80d7e1a97c1cc6f413c4f9363e73fe783abb
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2
de5f4949d34c123186b26e7b16ac7a76408e677e00380b2366b3f6553061594e
e063566e797cac66b08f1781227f5ed7f4f3ecb2553f3b497c2a60ea1677ad17
e3758063ebd96b6bc0d6de3786738c6d174eaa9b8bb94441dc88fd457e639b2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5d7f393011313b934b3b276aa97ea11b1c8e4c0b29320bd99348ff88aba927
f266259c1214f89a3353dd1e13048eada1f7ce0a187e86b270d0aecb559d3d9c
f44c21e8f5bf1ce4d09f55b47c9b0d3f3cff5453f21a08855f1b6651c10251f2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6488082a80930c30f3b7cb4780ee1e10253bb47d65395f32bc773d3664ad8c8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fc6b6e8661af24078ad314b0fda625c73cb874e4a62540ef665e9578a1d1c152
ff59645483458da6802d99d0410b57227d78a58ce752a56e360c1b7680a10977

gai1.buomngon.net Open in urlscan Pro 37.59.29.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

95 %HTTPS

69 %IPv6

9 Domains

12 Subdomains

13 IPs

4 Countries

6026 kBTransfer

7175 kBSize

6 Cookies

2 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gai1.buomngon.net Open in urlscan Pro
37.59.29.134 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

95 %
HTTPS

69 %
IPv6

9
Domains

12
Subdomains

13
IPs

4
Countries

6026 kB
Transfer

7175 kB
Size

6
Cookies

66 HTTP transactions
2 data transactions