xbtongkho-uat.myharavan.com Open in urlscan Pro
103.154.102.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xb-order.com/
Effective URL:
https://xbtongkho-uat.myharavan.com/account/login
Submission: On August 25 via api (August 25th 2024, 6:09:50 am UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 48 HTTP transactions. The main IP is 103.154.102.1, located in Viet Nam and belongs to HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN. The main domain is xbtongkho-uat.myharavan.com.
TLS certificate: Issued by E5 on July 12th 2024. Valid for: 3 months.

This is the only time xbtongkho-uat.myharavan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.154.102.51 103.154.102.51	140801 (HARAVAN-A...) (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION)
5	103.154.102.1 103.154.102.1	140801 (HARAVAN-A...) (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION)
20	2606:4700:10:... 2606:4700:10::6816:4ef6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	221.132.18.164 221.132.18.164	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1 1	2606:4700:303... 2606:4700:3038::6815:ea26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	10

1 103.154.102.51 (Viet Nam) 1 redirects

ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN)

xb-order.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.154.102.1 (Viet Nam)

ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN)

xbtongkho-uat.myharavan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:4ef6 (United States)

ASN13335 (CLOUDFLARENET, US)

theme.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.hstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 221.132.18.164 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: dc18.kdata.vn

xbses-uat-apps.hara.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea26 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.harafunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

app.harasocial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.harasocial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	hstatic.net theme.hstatic.net — Cisco Umbrella Rank: 112361 hstatic.net — Cisco Umbrella Rank: 83270 stats.hstatic.net — Cisco Umbrella Rank: 119808 Failed	309 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	300 KB
5	google.com www.google.com — Cisco Umbrella Rank: 10	990 B
5	myharavan.com xbtongkho-uat.myharavan.com	383 KB
3	harasocial.com app.harasocial.com — Cisco Umbrella Rank: 464419 static.harasocial.com — Cisco Umbrella Rank: 615062	9 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	harafunnel.com 1 redirects assets.harafunnel.com — Cisco Umbrella Rank: 587595	529 B
1	hara.vn xbses-uat-apps.hara.vn	481 B
1	xb-order.com 1 redirects xb-order.com	281 B
48	10

	Domain	Requested by
14	theme.hstatic.net	xbtongkho-uat.myharavan.com
7	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	xbtongkho-uat.myharavan.com www.gstatic.com
5	xbtongkho-uat.myharavan.com	xbtongkho-uat.myharavan.com theme.hstatic.net
4	hstatic.net	xbtongkho-uat.myharavan.com
2	static.harasocial.com	assets.harafunnel.com
2	cdnjs.cloudflare.com	theme.hstatic.net
2	www.gstatic.com	www.google.com
2	stats.hstatic.net	xbtongkho-uat.myharavan.com stats.hstatic.net
2	fonts.googleapis.com	xbtongkho-uat.myharavan.com
1	app.harasocial.com
1	assets.harafunnel.com	1 redirects
1	xbses-uat-apps.hara.vn	theme.hstatic.net
1	xb-order.com	1 redirects
48	14

This site contains links to these domains. Also see Links.

Domain
policies.google.com

Subject Issuer	Validity	Valid
*.myharavan.com E5	`2024-07-12` - `2024-10-10`	3 months	crt.sh
hstatic.net WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.hara.vn R10	`2024-08-13` - `2024-11-11`	3 months	crt.sh
harasocial.com WE1	`2024-07-26` - `2024-10-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://xbtongkho-uat.myharavan.com/account/login
Frame ID: B38768D46682DEF7E31EE84FCD528797
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly94YnRvbmdraG8tdWF0Lm15aGFyYXZhbi5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=ppwwd7d20gd9
Frame ID: 64389BA0266C4446776031E92A96362C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly94YnRvbmdraG8tdWF0Lm15aGFyYXZhbi5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=hmlx1puoe7z0
Frame ID: B67AE757DDE6E27B15CEEB80B0CB5D47
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly94YnRvbmdraG8tdWF0Lm15aGFyYXZhbi5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=gj1p8aupdkfd
Frame ID: A1123753B8DDE28F2D143FEC2DEBCBA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tài khoản – xbtongkho uat

Page URL History Show full URLs

https://xb-order.com/ HTTP 301
https://xbtongkho-uat.myharavan.com/ Page URL
https://xbtongkho-uat.myharavan.com/account/login Page URL

Detected technologies

Haravan (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

haravan.*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

48
Requests

96 %
HTTPS

73 %
IPv6

10
Domains

14
Subdomains

10
IPs

3
Countries

1008 kB
Transfer

4715 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xb-order.com/ HTTP 301
https://xbtongkho-uat.myharavan.com/ Page URL
https://xbtongkho-uat.myharavan.com/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://xb-order.com/ HTTP 301
https://xbtongkho-uat.myharavan.com/

Request Chain 44

https://assets.harafunnel.com/widget/108520260558644.js HTTP 301
https://app.harasocial.com/widget/108520260558644.js

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
xbtongkho-uat.myharavan.com/
Redirect Chain

https://xb-order.com/
https://xbtongkho-uat.myharavan.com/

693 KB
157 KB

1209ms
458ms

Document
text/html

103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtongkho-uat.myharavan.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://.haravan.com https://.haravan.app; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com https://*.haravan.app; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:09:43 GMT
etag: W/"5e252e1b30864e8abe363b1d613f130b"
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
server: openresty
strict-transport-security: max-age=7889238
vary: Accept-Encoding
x-cache: miss
x-cache-ver: 793
x-content-type-options: nosniff
x-pindex: 8
x-requestid: 451b4b58ef6ab0d3e0f35d5fd49ae6a8
x-shopid: 200000910321
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests
date: Sun, 25 Aug 2024 06:09:41 GMT
location: https://xbtongkho-uat.myharavan.com/
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
server: openresty
x-content-type-options: nosniff
x-requestid: 98fd973def48d5cc0930441fac592f95
x-xss-protection: 1; mode=block

GET
H3 200 img_home_banner_desktop_1.jpg
theme.hstatic.net/200000910321/1001270534/14/ 17 KB
17 KB 159ms
126ms Image
image/jpeg 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/img_home_banner_desktop_1.jpg?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350892176ef558c38f37d06c724d5a893104553915513b4f576981d6b53e5006

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 3f60e666c70009a59cffc4afb3c2760c
cf-polished: origSize=18019, status=webp_bigger
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=86400
content-length: 17208
cf-bgj: imgq:85,h2pri
last-modified: Mon, 19 Aug 2024 04:42:24 GMT
server: cloudflare
etag: "6ef9939ac49963f36c7ae499d7802a0d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b896a356ee96686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 img_home_banner_desktop_2.jpg
theme.hstatic.net/200000910321/1001270534/14/ 19 KB
20 KB 172ms
139ms Image
image/webp 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/img_home_banner_desktop_2.jpg?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f643312d726a7763a59d85a30ac680858678a9882624b9eca0097cd0ec5903

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 45455eef3c24c2963e8a549c4d53e7bb
cf-polished: qual=85, origFmt=jpeg, origSize=34622
x-envoy-upstream-service-time: 86
content-disposition: inline; filename="img_home_banner_desktop_2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19596
cf-bgj: imgq:85,h2pri
last-modified: Mon, 19 Aug 2024 04:42:16 GMT
server: cloudflare
etag: "8d702e29423517de42ce80d801285229"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b896a356ee86686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 slide_1_img.jpg
theme.hstatic.net/200000910321/1001270534/14/ 94 KB
94 KB 454ms
453ms Image
image/jpeg 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/slide_1_img.jpg?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: 8650f1f590d0f8022398b99667579a28
cf-polished: origSize=100690, status=webp_bigger
x-envoy-upstream-service-time: 51
alt-svc: h3=":443"; ma=86400
content-length: 95871
cf-bgj: imgq:85,h2pri
last-modified: Mon, 19 Aug 2024 04:42:51 GMT
server: cloudflare
etag: "1de65a1a052dd46e31e94ecc30797298"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b896a365f876686-AMS
expires: Fri, 23 Aug 2024 12:18:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 42ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 06:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 04:44:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 06:09:43 GMT

GET
H3 200 style-themes.scss.css
theme.hstatic.net/200000910321/1001270534/14/ 514 KB
77 KB 290ms
288ms Stylesheet
text/css 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/style-themes.scss.css?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 40094c70de13521beec8fc4a1c9d5aba
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 08:12:25 GMT
server: cloudflare
etag: W/"abfb6fb4c3516ea44f23e527e8d286d3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfbe6686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 api.jquery.js Show response
hstatic.net/0/0/global/ 13 KB
4 KB 37ms
25ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/0/0/global/api.jquery.js
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e2ca21a3e030e50abd661916c10060a26b250d36334f5b31e95d5db57ea35

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 3c326e45b99d1a03842184f569a342c1
age: 14217935
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 20 Apr 2019 03:53:30 GMT
server: cloudflare
etag: W/"d16a832add6c22628b6d020849c2caae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36cfcf6686-AMS
expires: Mon, 20 Nov 2023 02:59:34 GMT

GET
H3 200 scripts.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 201 KB
40 KB 132ms
131ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/scripts.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e8f8b5898ec23b308660c5cf78f07302a6dae013809724c3546a0570466065

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 2acfbd8539909be2c3fc20bbd5eafd6c
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 11:04:24 GMT
server: cloudflare
etag: W/"079eb4dd18aa77f31a7842862cedc2d6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfbf6686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 87 KB
31 KB 226ms
225ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery-3.5.1.min.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: b16a731a6297080d54aec0c6557381b8
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Aug 2024 04:42:39 GMT
server: cloudflare
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfc06686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 app-buyxgety.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 33 KB
7 KB 149ms
149ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/app-buyxgety.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 537ea101607dc9e740200402bededf8994a36186466471462c46d94af9a85973

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 8da2253a53d46857bdadf8ab41b4101a
x-envoy-upstream-service-time: 80
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Aug 2024 09:11:08 GMT
server: cloudflare
etag: W/"7c9194c082156f7b942a97967566001f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfc26686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET beacon.min.js
stats.hstatic.net/ 0
0

GET
H2 200 Primary Request login Show response
xbtongkho-uat.myharavan.com/account/ 933 KB
225 KB 368ms
368ms Document
text/html 103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtongkho-uat.myharavan.com/account/login

Requested by

Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

ed5421eb5d6906c943d096f82ad28d59403a18d1501cfa0bfbdf4c0525f2f78a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://.haravan.com https://.haravan.app; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com https://*.haravan.app; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:09:43 GMT
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
server: openresty
strict-transport-security: max-age=7889238
vary: Accept-Encoding
x-content-type-options: nosniff
x-pindex: 8
x-requestid: 4b92778406975e0f037d04a575479a50
x-shopid: 200000910321
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 9 KB
0 3ms
3ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 04:44:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 06:09:43 GMT

GET
H3 200 style-themes.scss.css
theme.hstatic.net/200000910321/1001270534/14/ 514 KB
0 5ms
5ms Stylesheet
text/css 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/style-themes.scss.css?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c0051c3617d1cb5d1d338e90b99945e51c83889d9ab51ea6ea5d5dde03878e

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 40094c70de13521beec8fc4a1c9d5aba
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 08:12:25 GMT
server: cloudflare
etag: W/"abfb6fb4c3516ea44f23e527e8d286d3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfbe6686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 style-customer.css
theme.hstatic.net/200000910321/1001270534/14/ 11 KB
3 KB 124ms
121ms Stylesheet
text/css 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/style-customer.css?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02923663fda67fb5fb519d1ff12665c32195bff09606ebc093b96e48e446974a

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 1993dc0f6aad90ada7843fbeed5ca16c
x-envoy-upstream-service-time: 115
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Aug 2024 09:11:07 GMT
server: cloudflare
etag: W/"933b337877918dd33bb1e4e72d11af1a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a3b1aae6686-AMS
expires: Fri, 23 Aug 2024 12:18:29 GMT

GET
H3 200 api.jquery.js Show response
hstatic.net/0/0/global/ 13 KB
0 6ms
6ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/0/0/global/api.jquery.js
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e2ca21a3e030e50abd661916c10060a26b250d36334f5b31e95d5db57ea35

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 3c326e45b99d1a03842184f569a342c1
age: 14217935
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 20 Apr 2019 03:53:30 GMT
server: cloudflare
etag: W/"d16a832add6c22628b6d020849c2caae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36cfcf6686-AMS
expires: Mon, 20 Nov 2023 02:59:34 GMT

GET
H3 200 scripts.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 201 KB
0 8ms
8ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/scripts.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e8f8b5898ec23b308660c5cf78f07302a6dae013809724c3546a0570466065

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 2acfbd8539909be2c3fc20bbd5eafd6c
x-envoy-upstream-service-time: 64
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Aug 2024 11:04:24 GMT
server: cloudflare
etag: W/"079eb4dd18aa77f31a7842862cedc2d6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfbf6686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 87 KB
0 11ms
11ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery-3.5.1.min.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: b16a731a6297080d54aec0c6557381b8
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Aug 2024 04:42:39 GMT
server: cloudflare
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfc06686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 app-buyxgety.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 33 KB
0 13ms
13ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/app-buyxgety.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 537ea101607dc9e740200402bededf8994a36186466471462c46d94af9a85973

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 8da2253a53d46857bdadf8ab41b4101a
x-envoy-upstream-service-time: 80
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Aug 2024 09:11:08 GMT
server: cloudflare
etag: W/"7c9194c082156f7b942a97967566001f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a36bfc26686-AMS
expires: Fri, 23 Aug 2024 12:18:27 GMT

GET
H3 200 beacon.min.js Show response
stats.hstatic.net/ 31 KB
11 KB 22ms
21ms Script
text/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.hstatic.net/beacon.min.js

Requested by

Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe8b7aaeeb919136b7d255c99c969bbce959450820fae5332021f4921c96e11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 09:32:19 GMT
server: cloudflare
x-requestid: 6a14f524bf7a56b40080bff73bc12e80
age: 4796
etag: W/"1dae7e3883aa9fc"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8b896a3b7aee6686-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
990 B 50ms
21ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e910a87aaa222f288d5b8b8d9ce904022173b9c7f3dd94d4cecfc8065a1141cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 25 Aug 2024 06:09:44 GMT

GET
H3 200 haravan_common.js Show response
hstatic.net/0/0/global/ 4 KB
1 KB 29ms
25ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/0/0/global/haravan_common.js
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294a09f301391b9eb881c0c227996e093812d8d6e4176a41e514daa170725dd5

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 7a81560bc16bae1bf1af06a73ce238b5
age: 14217313
x-envoy-upstream-service-time: 107
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 05 May 2019 14:47:01 GMT
server: cloudflare
etag: W/"258ef55638312a63c19873b417bfa496"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a3b2ab76686-AMS
expires: Mon, 11 Dec 2023 19:52:32 GMT

GET
H3 200 customer_area.js Show response
hstatic.net/0/0/global/ 878 B
633 B 35ms
32ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hstatic.net/0/0/global/customer_area.js
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224ffaf44b74d558d362395ced0acd8beba6bb72ea3e372bddedf39523ed5203

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 56c5c51ace160e5b84de404b263f64ce
age: 14217313
x-envoy-upstream-service-time: 95
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 05 May 2019 14:47:07 GMT
server: cloudflare
etag: W/"19a4857d1ff8f6ab827e87e7373dc6b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a3b2abb6686-AMS
expires: Sat, 02 Dec 2023 18:09:27 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 539 KB
215 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 12:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219509
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Aug 2025 12:45:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 57ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:26:58 GMT
x-content-type-options: nosniff
age: 402166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12304
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:26:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:03:06 GMT
x-content-type-options: nosniff
age: 403598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:03:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 46ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:32 GMT
x-content-type-options: nosniff
age: 403272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 42ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:09:26 GMT
x-content-type-options: nosniff
age: 403218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:09:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 54ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:10 GMT
x-content-type-options: nosniff
age: 403294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5708
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 53ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b2da7c38d34ace18801291959a5fc03c369f5bd2aea33cb488da61d9f39ff2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:03:22 GMT
x-content-type-options: nosniff
age: 403582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5864
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:03:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 49ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:15:37 GMT
x-content-type-options: nosniff
age: 402847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5796
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:15:37 GMT

GET
H3 200 jquery.angle.js Show response
theme.hstatic.net/200000910321/1001270534/14/ 9 KB
3 KB 121ms
121ms Script
application/javascript 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery.angle.js?v=222
Requested by: Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9939ef4c0baea81d2aeb58eb30aca56f558bbfa4b7d22a39853334b92f5cd30

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-requestid: 60bf9947d573718be7dded34f5a009d7
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Aug 2024 04:42:37 GMT
server: cloudflare
etag: W/"673d2b8d6441d00e97b72b9af9c88754"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b896a3cbbe36686-AMS
expires: Fri, 23 Aug 2024 12:18:28 GMT

POST
H3 200 analytics
stats.hstatic.net/ 0
137 B 603ms
601ms Ping
text/plain 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.hstatic.net/analytics

Requested by

Host: stats.hstatic.net
URL: https://stats.hstatic.net/beacon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 06:09:45 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
x-requestid: 61004f5b47782621c9060462fafb6b44
access-control-allow-origin: *
cf-ray: 8b896a3d7c5e6686-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 6438 0
0 56ms
43ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-&co=aHR0cHM6Ly94YnRvbmdraG8tdWF0Lm15aGFyYXZhbi5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=ppwwd7d20gd9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uf4nOnjTkEDKCG_QL20lGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Uf4nOnjTkEDKCG_QL20lGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 06:09:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame B67A 0
0 41ms
29ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4g5bBTERzInnPIp7DJe2Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4g5bBTERzInnPIp7DJe2Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 06:09:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 json2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json2/20160511/ 3 KB
2 KB 42ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json2/20160511/json2.min.js

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000910321/1001270534/14/app-buyxgety.js?v=222

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc395fd6549e525bdf4da2ae41bca4a091c1eac67f1480ac0c36dae1bf4244

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 207152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1235
last-modified: Mon, 04 May 2020 16:11:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec8-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3K2ZY160E6QQ2A1VRAjdNMSUb4Cat2LniyuBnLtI0JV%2F1lce7wMu9WJSD2gFzy1bI%2Bxv7M8Y6%2Bb0g3JoeB90esBhhxRRBh4LkXwZoNz%2FHQg8dRoXn8%2F4Q3n3VsbAHsnXUfLSK5rKrThmHbqc23OMG7u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b896a3dba090c69-AMS
expires: Fri, 15 Aug 2025 06:09:44 GMT

GET
H3 200 jstorage.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/ 8 KB
3 KB 43ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jStorage/0.4.12/jstorage.min.js

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000910321/1001270534/14/app-buyxgety.js?v=222

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2695782169edff0e1140a90841dd0d391b2bab2ee69f2750143d2242328473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 213299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2503
last-modified: Mon, 04 May 2020 16:11:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebe-1e97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYYJpO%2BEKXJlePSWaSL6lRAaZSNMCjVyh2r40d5lijH0twrZ1mHpEH%2BWNFHqSmXyiwrp5cIpF46%2BYA%2FLG9QCZP7zc03LN7WVyciSCOaTS5TP6vaaz1ZO9UmCEbEmud%2FS%2BsTpveLplKeVwFe0I5muAm93"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b896a3daa060c69-AMS
expires: Fri, 15 Aug 2025 06:09:44 GMT

GET
H2 200 cart.js Show response
xbtongkho-uat.myharavan.com/ 165 B
550 B 252ms
251ms XHR
application/json 103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtongkho-uat.myharavan.com/cart.js

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery-3.5.1.min.js?v=222

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

1d004c34d4d336590062a24ddf11b592132d9b878c9980c356ef2e12726cf783

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://.haravan.com https://.haravan.app; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://xbtongkho-uat.myharavan.com/account/login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:09:44 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com https://*.haravan.app; upgrade-insecure-requests
content-encoding: gzip
server: openresty
x-requestid: f65ba48f1e8ced2a87f6d62d44121605
x-shopid: 200000910321
vary: Accept-Encoding
content-type: application/json; charset=utf-8
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
cache-control: no-store,no-cache
x-xss-protection: 1; mode=block

GET
H2 200 account.js Show response
xbtongkho-uat.myharavan.com/ 81 B
486 B 253ms
253ms XHR
application/json 103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtongkho-uat.myharavan.com/account.js

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery-3.5.1.min.js?v=222

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

dda337793cfa22be6cbf34f25cc0cd18684015acfe2dbb03074821b694e4be5a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://.haravan.com https://.haravan.app; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://xbtongkho-uat.myharavan.com/account/login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:09:44 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com https://*.haravan.app; upgrade-insecure-requests
content-encoding: gzip
server: openresty
x-requestid: 8453a9d538dfb269a55251b73e4bad53
x-shopid: 200000910321
vary: Accept-Encoding
content-type: application/json; charset=utf-8
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
cache-control: no-store,no-cache
x-xss-protection: 1; mode=block

GET
H2 200 cart.js Show response
xbtongkho-uat.myharavan.com/ 165 B
550 B 270ms
270ms XHR
application/json 103.154.102.1
HARAVAN-AS-VN HAR...

General

Check archive.org

Show headers Download Go to

Full URL

https://xbtongkho-uat.myharavan.com/cart.js

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery-3.5.1.min.js?v=222

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.154.102.1 , Viet Nam, ASN140801 (HARAVAN-AS-VN HARAVAN TECHNOLOGY CORPORATION, VN),

Reverse DNS

Software

openresty /

Resource Hash

1d004c34d4d336590062a24ddf11b592132d9b878c9980c356ef2e12726cf783

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://.haravan.com https://.haravan.app; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://xbtongkho-uat.myharavan.com/account/login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:09:44 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'self' https://*.haravan.com https://*.haravan.app; upgrade-insecure-requests
content-encoding: gzip
server: openresty
x-requestid: 3245a20c6571509218fcb0d1199b17b3
x-shopid: 200000910321
vary: Accept-Encoding
content-type: application/json; charset=utf-8
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
cache-control: no-store,no-cache
x-xss-protection: 1; mode=block

GET
H3 200 favicon.png
theme.hstatic.net/200000910321/1001270534/14/ 430 B
784 B 119ms
118ms Other
image/webp 2606:4700:10::6816:4ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theme.hstatic.net/200000910321/1001270534/14/favicon.png?v=222
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3932e6ac9eb6b60198e2021561e557128a9a1c8ab87244933287de08d69c783

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
via: 1.1 google
cf-cache-status: HIT
x-requestid: fc7d03581bbd4972151690931b9a60c0
cf-polished: origFmt=png, origSize=696
x-envoy-upstream-service-time: 51
content-disposition: inline; filename="favicon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 430
cf-bgj: imgq:85,h2pri
last-modified: Mon, 19 Aug 2024 04:42:45 GMT
server: cloudflare
etag: "5c6ab38ea6d6dd098cbce0c958d9f602"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b896a3f8dd66686-AMS
expires: Fri, 23 Aug 2024 12:18:31 GMT

POST
H2 200 search Show response
xbses-uat-apps.hara.vn/xbses/frontend/auth/api/customer/0/purchase-request/ 87 B
481 B 803ms
314ms XHR
application/json 221.132.18.164
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://xbses-uat-apps.hara.vn/xbses/frontend/auth/api/customer/0/purchase-request/search?shopid=200000910321&shop=xbtongkho-uat.myharavan.com&customerid=0&signature=dd741489514a755ed2ac31f7e8880f66

Requested by

Host: theme.hstatic.net
URL: https://theme.hstatic.net/200000910321/1001270534/14/jquery-3.5.1.min.js?v=222

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

221.132.18.164 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),

Reverse DNS

dc18.kdata.vn

Software

BigIP /

Resource Hash

42ca549ea57c494c4fab2f86efdad1bc06f358028e98e7e162009deef9270b53

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOW-FROM

Request headers

Accept: */*
Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 06:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
content-security-policy
server: BigIP
etag: W/"57-/FmE3UA+jc4LLGDbYWGuLd63Chs"
x-download-options: noopen
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
x-frame-options: ALLOW-FROM
content-type: application/json; charset=utf-8
access-control-allow-origin: *
p3p: ABCDEF
x-robots-tag: noindex, noindex
appversion: 1.0.1309049

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Requested by

Host: xbtongkho-uat.myharavan.com
URL: https://xbtongkho-uat.myharavan.com/account/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e910a87aaa222f288d5b8b8d9ce904022173b9c7f3dd94d4cecfc8065a1141cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 25 Aug 2024 06:09:44 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 539 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdD18MUAAAAAHqKl3Avv8W-tREL6LangePxQLM-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
Origin: https://xbtongkho-uat.myharavan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 12:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219509
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Aug 2025 12:45:59 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame A112 0
0 28ms
27ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f0yZn6BOYqlr3b2lXaWZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f0yZn6BOYqlr3b2lXaWZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 06:09:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

108520260558644.js Show response
app.harasocial.com/widget/
Redirect Chain

https://assets.harafunnel.com/widget/108520260558644.js
https://app.harasocial.com/widget/108520260558644.js

3 KB
2 KB

63ms
28ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.harasocial.com/widget/108520260558644.js

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c0b295fa3cc5fa13ff2962f87b4f38e9d922800a1527dcbf7e349a54f82a28d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-requestid: 8c3b5a441a3040d7bdaf7d5cdabd6050
age: 1497725
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Aug 2024 21:40:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqTg2gPc1kZeDCFVbdKgP%2FudD4lbtDo815ALYzy3IrfqMAKmW9tB3bHloUzZki5pMFgW39KenN0ZS63%2Fyefd0LO4OTs1XdanB6ZyL3V7v%2FDfP%2FdLUQtLHXU3xvyUF7aVcp3qbaUigV%2BJAjmKV0szLvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8b896a5dcbb866fc-AMS

Redirect headers

date: Sun, 25 Aug 2024 06:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6mk7dpu2rVNANtcm%2BLpAYH6HTaDX6PJTXnoGu%2Fbe72HSoKTPr5vxSXknLBwd%2FJxjQaSluheA7Xue%2ByBFZB1VZbro40HT2jXzREONTYT1859adj8GoVChVyX6UzQ0OhzFMRXkgM9pSFGBu%2BLOJOle2Mqju4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://app.harasocial.com/widget/108520260558644.js
cache-control: max-age=3600
cf-ray: 8b896a5d6e1e668b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Sun, 25 Aug 2024 07:09:49 GMT

GET
H3 200 widget.js Show response
static.harasocial.com/funnel/ 10 KB
4 KB 38ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.harasocial.com/funnel/widget.js?v=1.3

Requested by

Host: assets.harafunnel.com
URL: https://assets.harafunnel.com/widget/108520260558644.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b066fe8e122a405c581d2f827eeac8bd9218fdd64060ed27deeda9523ac83e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6983
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d02d1e19b5089a75d4026f3de9914819"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xs6QwSOMT1zNgoqTzXw9UrA%2BcW4oWmkkP2vhGUU7xvss4C9S%2BvDVupB6DmmE7GmthSD5nytmzQwnGi72jV2e3qelHjfKd3uhNgeFEs2roKx1YVn9i01tDksgaUKcqDUMf5F9Pr3ZYbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
cf-ray: 8b896a5e0be266fc-AMS

GET
H3 200 ic_messenger_logo.png
static.harasocial.com/svg-funnel/ 3 KB
4 KB 24ms
24ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.harasocial.com/svg-funnel/ic_messenger_logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4059c9d5da0d933b4432d40cf8c2835ba2709f43068004ed2c83913155e716b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xbtongkho-uat.myharavan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:09:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3909
alt-svc: h3=":443"; ma=86400
content-length: 3444
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "16fb47f373c752658ba936fdfe0acfe1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knj3xwD2gdu97cFtC%2BQH3SZczWA%2BBzFuyyTn0i4qnYlKP0Mf9b3vchMHp3PoploDpDy2UZntJYLXl3sRIHehC6I77CgrdlVifAwCbtUFSP4LITNZprrZxJiZenOB8cJgMGr8AfWqITQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 8b896a62eef666fc-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.hstatic.net
URL: https://stats.hstatic.net/beacon.min.js

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 03:21:58	Name: _GRECAPTCHA Value: 09AJEC9jvaT08g_ne4Hg8lcfCspmHZqtAJ5CWnVMkpR68UCCsMxkvnRSgF2rwOsdTXsZ5cP_XEIa7pLdVQrgEKW40
xbtongkho-uat.myharavan.com/	1970-01-20 23:45:58	Name: _landing_page Value: %252F
xbtongkho-uat.myharavan.com/	1970-01-20 23:45:58	Name: _orig_referer Value:
xbtongkho-uat.myharavan.com/	1970-01-20 23:45:58	Name: shop_ref Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://xbtongkho-uat.myharavan.com/account/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self' https://.haravan.com https://.haravan.app; upgrade-insecure-requests
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.harasocial.com
assets.harafunnel.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hstatic.net
static.harasocial.com
stats.hstatic.net
theme.hstatic.net
www.google.com
www.gstatic.com
xb-order.com
xbses-uat-apps.hara.vn
xbtongkho-uat.myharavan.com
stats.hstatic.net
103.154.102.1
103.154.102.51
221.132.18.164
2606:4700:10::6816:4ef6
2606:4700:3038::6815:ea26
2606:4700::6811:190e
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a06:98c1:3120::3
02923663fda67fb5fb519d1ff12665c32195bff09606ebc093b96e48e446974a
02e8f8b5898ec23b308660c5cf78f07302a6dae013809724c3546a0570466065
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
16cc395fd6549e525bdf4da2ae41bca4a091c1eac67f1480ac0c36dae1bf4244
1d004c34d4d336590062a24ddf11b592132d9b878c9980c356ef2e12726cf783
224ffaf44b74d558d362395ced0acd8beba6bb72ea3e372bddedf39523ed5203
2695782169edff0e1140a90841dd0d391b2bab2ee69f2750143d2242328473f6
294a09f301391b9eb881c0c227996e093812d8d6e4176a41e514daa170725dd5
32c0051c3617d1cb5d1d338e90b99945e51c83889d9ab51ea6ea5d5dde03878e
350892176ef558c38f37d06c724d5a893104553915513b4f576981d6b53e5006
3b066fe8e122a405c581d2f827eeac8bd9218fdd64060ed27deeda9523ac83e5
4059c9d5da0d933b4432d40cf8c2835ba2709f43068004ed2c83913155e716b7
42ca549ea57c494c4fab2f86efdad1bc06f358028e98e7e162009deef9270b53
4f3e2ca21a3e030e50abd661916c10060a26b250d36334f5b31e95d5db57ea35
537ea101607dc9e740200402bededf8994a36186466471462c46d94af9a85973
666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13
6f6c7e21a033ba788d3c4ab39fd8a313607ecc2e60118e127970e47d45a97228
7c0b295fa3cc5fa13ff2962f87b4f38e9d922800a1527dcbf7e349a54f82a28d
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
9b2da7c38d34ace18801291959a5fc03c369f5bd2aea33cb488da61d9f39ff2f
a3932e6ac9eb6b60198e2021561e557128a9a1c8ab87244933287de08d69c783
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
d6f643312d726a7763a59d85a30ac680858678a9882624b9eca0097cd0ec5903
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761
dda337793cfa22be6cbf34f25cc0cd18684015acfe2dbb03074821b694e4be5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e910a87aaa222f288d5b8b8d9ce904022173b9c7f3dd94d4cecfc8065a1141cc
ed5421eb5d6906c943d096f82ad28d59403a18d1501cfa0bfbdf4c0525f2f78a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9939ef4c0baea81d2aeb58eb30aca56f558bbfa4b7d22a39853334b92f5cd30
fe8b7aaeeb919136b7d255c99c969bbce959450820fae5332021f4921c96e11f

xbtongkho-uat.myharavan.com Open in urlscan Pro 103.154.102.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

73 %IPv6

10 Domains

14 Subdomains

10 IPs

3 Countries

1008 kBTransfer

4715 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xbtongkho-uat.myharavan.com Open in urlscan Pro
103.154.102.1 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

73 %
IPv6

10
Domains

14
Subdomains

10
IPs

3
Countries

1008 kB
Transfer

4715 kB
Size

4
Cookies

48 HTTP transactions
0 data transactions