lixi.vietmoney.vn Open in urlscan Pro
18.138.206.213  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lixi.vietmoney.vn/	133 KB 23 KB	544ms 167ms	Document text/html	18.138.206.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.138.206.213 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-206-213.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash b3fcc71fcfe376f7f3e86193b8d9accdf6c94bc60675abcdb65141b0c5961072 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Wed, 04 Jan 2023 10:29:21 GMT server openresty statuscode 200 vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	114ms 45ms	Stylesheet text/css	2a00:1450:400d:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 04 Jan 2023 10:29:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 04 Jan 2023 10:29:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 04 Jan 2023 10:29:22 GMT
GET H2	200	ladipage.vi.min.js Show response w.ladicdn.com/v2/source/	371 KB 90 KB	143ms 8ms	Script text/javascript	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1672808967521 Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash 9efd27f1e8bac281c859be82bd2551910335f104e7c9a33979371e7945b5f572 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding br cdn-edgestorageid 864 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 01/04/2023 05:23:52 cdn-pullzone 575124 last-modified Wed, 04 Jan 2023 05:16:48 GMT server BunnyCDN-DE1-1049 cdn-fileserver 427 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"63b50bc0-5cc1e" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid ef12cb8c78e151fe35031b0b74a7e9e1 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	notify.svg w.ladicdn.com/source/	2 KB 1 KB	8ms 8ms	Image image/svg+xml	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/source/notify.svg Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding br cdn-edgestorageid 864 perma-cache HIT cdn-storageserver NY-346 cdn-cachedat 11/18/2022 06:18:35 cdn-pullzone 575124 last-modified Sat, 15 Jan 2022 00:24:51 GMT server BunnyCDN-DE1-1049 cdn-fileserver 264 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"61e21453-60b" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid f79101d0abf3c2f063eb54c1f2c4c33a cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	86ms 21ms	Font font/woff2	2a00:1450:400d:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://lixi.vietmoney.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 02 Jan 2023 18:50:55 GMT x-content-type-options nosniff age 142707 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Jan 2024 18:50:55 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	31 KB 31 KB	110ms 49ms	Font font/woff2	2a00:1450:400d:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://lixi.vietmoney.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 22:03:03 GMT x-content-type-options nosniff age 476779 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31320 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:11:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Dec 2023 22:03:03 GMT
GET H2	200	zalo.svg w.ladicdn.com/ladiui/icons/social/	6 KB 3 KB	8ms 8ms	Image image/svg+xml	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/ladiui/icons/social/zalo.svg Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash d522c0f1739c2d599f6eb70da117798fd659653f47fc5873d939ebb907591112 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding br cdn-edgestorageid 1054 perma-cache HIT cdn-storageserver NY-430 cdn-cachedat 11/15/2022 10:41:06 cdn-pullzone 575124 last-modified Thu, 04 Aug 2022 07:22:12 GMT server BunnyCDN-DE1-1049 cdn-fileserver 266 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"62eb73a4-180d" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 9c249c7e1cdbfd38d1c19d85ebab0fd8 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	facebook.svg w.ladicdn.com/ladiui/icons/social/	672 B 1 KB	9ms 8ms	Image image/svg+xml	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/ladiui/icons/social/facebook.svg Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash fc2816b915038ffed01a1c8df11f759a79bc5f4f480e369e1ab5b3583856075b Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding br cdn-edgestorageid 1054 perma-cache HIT cdn-storageserver NY-430 cdn-cachedat 11/15/2022 10:39:33 cdn-pullzone 575124 last-modified Thu, 04 Aug 2022 07:22:14 GMT server BunnyCDN-DE1-1049 cdn-fileserver 341 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"62eb73a6-2a0" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 39510849cebea28294defdb00b304eed cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	logo-with-slogan-main-logo-22-20220720083637.png w.ladicdn.com/s550x400/628f5a3dfd2364002d03bd11/	69 KB 70 KB	27ms 26ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x400/628f5a3dfd2364002d03bd11/logo-with-slogan-main-logo-22-20220720083637.png Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash 5581db577a49594a8daa0eb3805cfc87d04e53525f5d309a07c6bec89fd5304b Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT cdn-edgestorageid 1049 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 01/04/2023 06:59:22 cdn-pullzone 575124 content-length 70913 last-modified Wed, 17 Aug 2022 11:02:07 GMT server BunnyCDN-DE1-1049 cdn-fileserver 354 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "62fccaaf-11501" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 49f8f602a69b3db1e08365d0d276caf8 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	tien-20221229090905-v7art.png w.ladicdn.com/s450x450/628f5a3dfd2364002d03bd11/	198 KB 199 KB	23ms 22ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s450x450/628f5a3dfd2364002d03bd11/tien-20221229090905-v7art.png Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash fad988f0d7254a0f9516c938fe9d37da24ab87898bbcbb8672656a189d9b8c3d Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT cdn-edgestorageid 1047 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 01/04/2023 06:59:22 cdn-pullzone 575124 content-length 203168 last-modified Fri, 30 Dec 2022 03:21:54 GMT server BunnyCDN-DE1-1049 cdn-fileserver 427 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63ae5952-319a0" content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 246563c655ad21b909add42c2ce1579b accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	microsoftteams-image-117-20221230042235-i2u_b.png w.ladicdn.com/s800x900/628f5a3dfd2364002d03bd11/	887 KB 889 KB	130ms 129ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s800x900/628f5a3dfd2364002d03bd11/microsoftteams-image-117-20221230042235-i2u_b.png Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash c16bdfcd2d5b73f569e3107d0bb29feb90a3507007031fef3d245dee4d94fa79 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT cdn-edgestorageid 863 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 01/04/2023 10:29:22 cdn-pullzone 575124 content-length 908436 last-modified Wed, 04 Jan 2023 10:29:18 GMT server BunnyCDN-DE1-1049 cdn-fileserver 427 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63b554fe-ddc94" content-type image/png access-control-allow-origin * cdn-cache MISS cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid c40c4f953539b89f86bb30aad020641c accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	microsoftteams-image-128-20221230091405-4qymv.png w.ladicdn.com/s550x550/628f5a3dfd2364002d03bd11/	173 KB 174 KB	109ms 108ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x550/628f5a3dfd2364002d03bd11/microsoftteams-image-128-20221230091405-4qymv.png Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash 91f5d00a24644fc4205574cd16e21200f3049b0c511c7a33692215b245370073 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT cdn-edgestorageid 756 perma-cache HIT cdn-storageserver NY-346 cdn-cachedat 01/04/2023 10:29:22 cdn-pullzone 575124 content-length 177410 last-modified Wed, 04 Jan 2023 10:29:17 GMT server BunnyCDN-DE1-1049 cdn-fileserver 266 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63b554fd-2b502" content-type image/png access-control-allow-origin * cdn-cache MISS cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 17dedff5dd579065362dd9182781cd04 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	microsoftteams-image-119-20221230071601-c68rt.png w.ladicdn.com/s750x450/628f5a3dfd2364002d03bd11/	133 KB 134 KB	1884ms 1883ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s750x450/628f5a3dfd2364002d03bd11/microsoftteams-image-119-20221230071601-c68rt.png Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash abd711d60be78da977b5f635e4574fdc8bd9a5fc1208d08b05c6c0c8ca39ff1b Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:24 GMT cdn-edgestorageid 864 perma-cache HIT cdn-storageserver NY-267 cdn-cachedat 01/04/2023 10:29:23 cdn-pullzone 575124 content-length 135975 last-modified Wed, 04 Jan 2023 10:29:19 GMT server BunnyCDN-DE1-1049 cdn-fileserver 426 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63b554ff-21327" content-type image/png access-control-allow-origin * cdn-cache MISS cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 25f50bfe46a80486db39cd52c4be5829 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	hoa-dao-roi-20221229090832-0qzd-.png w.ladicdn.com/s400x350/628f5a3dfd2364002d03bd11/	181 KB 182 KB	108ms 108ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s400x350/628f5a3dfd2364002d03bd11/hoa-dao-roi-20221229090832-0qzd-.png Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash 34317680356282d1e95750fb797e06fb140e68329184331e672b7d2e0163ea18 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT cdn-edgestorageid 1075 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 01/04/2023 10:29:22 cdn-pullzone 575124 content-length 185435 last-modified Wed, 04 Jan 2023 10:29:18 GMT server BunnyCDN-DE1-1049 cdn-fileserver 426 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63b554fe-2d45b" content-type image/png access-control-allow-origin * cdn-cache MISS cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid cd4929e0765a8a46bf3f606db4db9918 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ladipage.min.css w.ladicdn.com/v2/source/	66 KB 9 KB	26ms 25ms	Stylesheet text/css	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.min.css?v=1672808967521 Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding br cdn-edgestorageid 1077 perma-cache HIT cdn-storageserver NY-430 cdn-cachedat 01/04/2023 09:20:09 cdn-pullzone 575124 last-modified Wed, 04 Jan 2023 05:16:47 GMT server BunnyCDN-DE1-1049 cdn-fileserver 266 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"63b50bbf-1071b" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid e5f3bf8b812de9823f81224877c8e388 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	sdk.js Show response w.ladicdn.com/ladichat/	763 B 943 B	81ms 81ms	Script text/javascript	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/ladichat/sdk.js Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash b64036116bf5824ee8150b1da696a6c8dfd4854d07901ceced4de34b9e48c4c7 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding br cdn-edgestorageid 863 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 11/23/2022 09:39:30 cdn-pullzone 575124 last-modified Wed, 23 Nov 2022 09:38:40 GMT server BunnyCDN-DE1-1049 cdn-fileserver 354 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"637dea20-2fb" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid 726a43fa65cd4b502536b2c54f48eb6d cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
OPTIONS H2	200	event a.ladipage.com/	0 0	641ms 166ms	Preflight application/json	13.215.210.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.215.210.217 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-215-210-217.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Access-Control-Request-Method POST Origin https://lixi.vietmoney.vn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-allow-methods POST, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Wed, 04 Jan 2023 10:29:22 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	tq Show response docs.google.com/spreadsheets/d/1qp2hMsiLLyZAIV-DbSH5Si6p-v9-UQlSF_UMg3IELfY/gviz/	3 KB 2 KB	434ms 358ms	XHR application/javascript	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/spreadsheets/d/1qp2hMsiLLyZAIV-DbSH5Si6p-v9-UQlSF_UMg3IELfY/gviz/tq?tqx=out:json Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1672808967521 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ba71bf506c5594413c0368b8ce929711b13a3bede1acc4f91e1173236727a074 Security Headers Name Value Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-bs3YBh9UYTtHjY8mG0tLkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-bs3YBh9UYTtHjY8mG0tLkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-disposition attachment; filename="json.txt"; filename*=UTF-8''json.txt alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 1; mode=block pragma no-cache server GSE content-type application/javascript; charset=utf-8 access-control-allow-origin https://lixi.vietmoney.vn access-control-expose-headers Cache-Control,Content-Disposition,Content-Encoding,Content-Length,Content-Type,Date,Expires,Pragma,Server,Transfer-Encoding cache-control no-cache, no-store, max-age=0, must-revalidate x-robots-tag noindex, nofollow, nosnippet expires Mon, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	385 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	event Show response a.ladipage.com/	106 B 632 B	168ms 168ms	XHR text/plain	13.215.210.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1672808967521 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.215.210.217 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-215-210-217.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers LADI_CLIENT_ID 7231b93c-8ee9-49b1-583f-a2cd88525a58 LADI_CAMP_ORIGIN_URL LADI_FORM_SUBMIT 0 LADI_CAMP_ID LADI_CAMP_FORM_SUBMIT 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 LADI_CAMP_NAME Content-Type application/json accept-language de-DE,de;q=0.9 LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 Referer https://lixi.vietmoney.vn/ LADI_PAGE_VIEW 1 LADI_CAMP_TYPE Response headers date Wed, 04 Jan 2023 10:29:23 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
GET H2	200	xfbml.customerchat.js Show response connect.facebook.net/vi_VN/sdk/	315 KB 90 KB	28ms 10ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Requested by Host: lixi.vietmoney.vn URL: https://lixi.vietmoney.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2abc1fb0ec049e66b90e1c4a9e0ffe036226d65432196a6c5c96b6f8b26859c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 04 Jan 2023 10:29:22 GMT content-md5 Q13FUBDKVULqBW3dEhYOPA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 91180 x-fb-rlafr 0 x-fb-debug PmjKrOJhz2iN5DWbS+f5BJiZuUAoVjyCw8ir4ongvg5VjlYo3drBPCfjaD+ekmu1hPhgsM1oX2BbtWuEqjGU6A== x-fb-trip-id 917726464 x-fb-content-md5 fefbfdcddb481abeb0ef459995752da0 cross-origin-opener-policy same-origin-allow-popups etag "a9c4e1e453fe6ba78c63412372799789" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * expires Wed, 04 Jan 2023 10:40:27 GMT
GET H2	200	ladichat.min.js Show response w.ladicdn.com/ladichat/	321 KB 87 KB	2400ms 2400ms	Script text/javascript	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1672828162370 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/ladichat/sdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash 6ba5ff4348cb22159aff1a61937863ae4c76b850950f38d0581e93d251cb7a86 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cdn-storagebalancer NY-346 date Wed, 04 Jan 2023 10:29:24 GMT content-encoding br cdn-edgestorageid 1077 perma-cache MISS cdn-cachedat 01/04/2023 10:29:24 cdn-pullzone 575124 server BunnyCDN-DE1-1049 cdn-proxyver 1.03 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cdn-cache MISS cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-max-age 2592000 access-control-allow-credentials true cache-control public, max-age=31919000 cdn-requestid cab6e7f81cd7c1ce3c902a7a5c120f6a cdn-requestcountrycode DE access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials cdn-status 200 cdn-requestpullsuccess True
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	14 KB 14 KB	22ms 21ms	Font font/woff2	2a00:1450:400d:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://lixi.vietmoney.vn accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 02 Jan 2023 20:19:03 GMT x-content-type-options nosniff age 137419 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14040 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 02 Jan 2024 20:19:03 GMT
GET H2	200	62de65c2e890d8001236d2a3-637edb8cf1e5bd0020b225b1.json Show response g.ladicdn.com/ladichat-sdk/	5 KB 2 KB	536ms 161ms	XHR text/plain	18.138.206.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ladicdn.com/ladichat-sdk/62de65c2e890d8001236d2a3-637edb8cf1e5bd0020b225b1.json?v=1672828166047 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1672828162370 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.138.206.213 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-206-213.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 0c4d98529b25d522468f6019401490ea62599177f00eb360b3badc3d697bb64c Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:26 GMT content-encoding gzip last-modified Thu, 24 Nov 2022 04:54:05 GMT server openresty vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * statuscode 200
GET H2	200	/ Show response socialplugin.facebook.net/new_domain_gating/	40 B 879 B	212ms 108ms	XHR application/json	2a03:2880:f02d:e:face:b00c:0:2 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=1563152970659291&suppress_http_code=1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://lixi.vietmoney.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding br x-content-type-options nosniff date Wed, 04 Jan 2023 10:29:26 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma no-cache x-fb-debug owpNzyWtEEHGof8gDxihpN41Yn6EuHoeLaSdAhOmzmucmIpkRLUvttTkj+BhG09ctiS8iRCJv9zP21z8WsXsVg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://lixi.vietmoney.vn cache-control private, no-cache, no-store, must-revalidate priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response www.facebook.com/plugins/customer_chat/SDK/	0 3 KB	160ms 144ms	XHR text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df397ff765781b3%26domain%3Dlixi.vietmoney.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flixi.vietmoney.vn%252Ff35fc24d1920ef%26relation%3Dparent.parent&current_url=https%3A%2F%2Flixi.vietmoney.vn%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=3e99a1de-dc43-40e9-a50f-3e302ee73f7f&page_id=1563152970659291&request_time=1672828166276&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://lixi.vietmoney.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload x-content-type-options nosniff date Wed, 04 Jan 2023 10:29:26 GMT document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; alt-svc h3=":443"; ma=86400 content-length 0 x-fb-rlafr 0 x-xss-protection 0 pragma no-cache x-fb-debug cEV2FWeZl6YdmSAhCuT7xrACqVnAAa9tfs0jPZasbWr6GBgTJYrs0RxR8Pp+oaKFfypLAUNzL8EvBMTm6+f3EA== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/html; charset="utf-8" access-control-allow-origin https://lixi.vietmoney.vn cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response www.facebook.com/plugins/customer_chat/facade/	1 KB 923 B	388ms 373ms	XHR application/json	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df397ff765781b3%26domain%3Dlixi.vietmoney.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flixi.vietmoney.vn%252Ff35fc24d1920ef%26relation%3Dparent.parent&current_url=https%3A%2F%2Flixi.vietmoney.vn%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=3e99a1de-dc43-40e9-a50f-3e302ee73f7f&page_id=1563152970659291&request_time=1672828166276&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://lixi.vietmoney.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding br x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Wed, 04 Jan 2023 10:29:26 GMT document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma no-cache x-fb-debug UoGBavHVlitl8SArjXYKNdnIk2z73Y1C0rV3TEjbFf3Dg5FV1fJdtT4f4qZks7IyUcQqdPML0M0212IHVcjy4Q== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type application/json; charset=utf-8 access-control-allow-origin https://lixi.vietmoney.vn cache-control private, no-cache, no-store, must-revalidate x-frame-options DENY priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ Show response www.facebook.com/plugins/customer_chat/SDK/	0 31 B	127ms 117ms	XHR text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df397ff765781b3%26domain%3Dlixi.vietmoney.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flixi.vietmoney.vn%252Ff35fc24d1920ef%26relation%3Dparent.parent&current_url=https%3A%2F%2Flixi.vietmoney.vn%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=392&locale=vi_VN&log_id=3e99a1de-dc43-40e9-a50f-3e302ee73f7f&page_id=1563152970659291&request_time=1672828166668&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://lixi.vietmoney.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload x-content-type-options nosniff date Wed, 04 Jan 2023 10:29:26 GMT document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; alt-svc h3=":443"; ma=86400 content-length 0 x-fb-rlafr 0 x-xss-protection 0 pragma no-cache x-fb-debug MiflYJt8cYVftu8g8GR8qO5wNWkYiOwcI/18BZ7Wpf5gLPU1/lPAROLEkcUraPMOXIrlj4E+uJEqDEb37yGTKQ== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/html; charset="utf-8" access-control-allow-origin https://lixi.vietmoney.vn cache-control private, no-cache, no-store, must-revalidate priority u=1 expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	new-session Show response api.ladichat.com/1.0/auth/	680 B 2 KB	195ms 194ms	XHR application/json	3.1.75.19
General Check archive.org Show headers Download Go to Full URL https://api.ladichat.com/1.0/auth/new-session Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1672828162370 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.75.19 -, , ASN (), Reverse DNS Software / Resource Hash bfcff388b085c6115a106b223877514780c86089232baf762524eb7822146141 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://lixi.vietmoney.vn/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Wed, 04 Jan 2023 10:29:27 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS content-type application/json access-control-allow-origin * access-control-max-age 2592000 access-control-allow-credentials true x-ratelimit-reset 1672828168 x-ratelimit-limit 10 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key x-ratelimit-remaining 9 x-xss-protection 1; mode=block
OPTIONS H2	200	new-session api.ladichat.com/1.0/auth/	0 0	704ms 165ms	Preflight application/json	3.1.75.19
General Check archive.org Show headers Download Go to Full URL https://api.ladichat.com/1.0/auth/new-session Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.75.19 -, , ASN (), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://lixi.vietmoney.vn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Wed, 04 Jan 2023 10:29:27 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
POST H2	200	my-info Show response api.ladichat.com/1.0/auth/	708 B 2 KB	178ms 177ms	XHR application/json	3.1.75.19
General Check archive.org Show headers Download Go to Full URL https://api.ladichat.com/1.0/auth/my-info Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1672828162370 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.75.19 -, , ASN (), Reverse DNS Software / Resource Hash 0527e7768ffee8fc93e0e50fc438c7ef63804be84c473e812fe54e224047f840 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://lixi.vietmoney.vn/ session-key a485f0259d2031155632e402f35745f92c38688333760c7263aecd7d0e30cb588e5c3d660f2e3636ffade9f53420c9b915128b28776b510f031c631f663cdb1b2d22e12e24c9d9a8fcfefaf98d0ccf2518846f68f53b6b850a9d7b669acda6d848897da90a3f007a68edcbde9732646b29382418ecb155069ddc5b33d237fc0f230f1d6f8aa45714f4cd5ca9cda14ff79a860cc9c8f47720dbf274f44fa2d2e763a87d8fa8953917ed4299d9bbcc0c58c39c85691fe828108916ae4a2304b7353f626590d26781aa12c1f1dbd8458d0b05f82cc958032600773f4fea697f9b66528d2208d423159bd06d089460bcb5b292f77910d61332f360e930979c124c059ac1710159f87ec9246038b54ceed92e234440a84e5f6beba0718e94ed236c60a6b460356fb5e76e0315d8599b0ed345 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Wed, 04 Jan 2023 10:29:27 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS content-type application/json access-control-allow-origin * access-control-max-age 2592000 access-control-allow-credentials true x-ratelimit-reset 1672828168 x-ratelimit-limit 10 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key x-ratelimit-remaining 9 x-xss-protection 1; mode=block
OPTIONS H2	200	my-info api.ladichat.com/1.0/auth/	0 0	166ms 165ms	Preflight application/json	3.1.75.19
General Check archive.org Show headers Download Go to Full URL https://api.ladichat.com/1.0/auth/my-info Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.1.75.19 -, , ASN (), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,session-key Access-Control-Request-Method POST Origin https://lixi.vietmoney.vn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials, store-id, session-key access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Wed, 04 Jan 2023 10:29:27 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	li-xi-20221230094132-jhi9p.png w.ladicdn.com/s250x250/628f5a3dfd2364002d03bd11/	59 KB 60 KB	125ms 125ms	Image image/png	2400:52e0:1e00::1049:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s250x250/628f5a3dfd2364002d03bd11/li-xi-20221230094132-jhi9p.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1049:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1049 / Resource Hash c51ea5d19d76614f31bcf7a2b16e495e304090b76ddc42f5459b6c5177c945a5 Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:27 GMT cdn-edgestorageid 1053 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 01/04/2023 10:29:27 cdn-pullzone 575124 content-length 60571 last-modified Wed, 04 Jan 2023 10:29:23 GMT server BunnyCDN-DE1-1049 cdn-fileserver 427 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "63b55503-ec9b" content-type image/png access-control-allow-origin * cdn-cache MISS cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 3ff1c1620b9af9c9480b7f0081946d1f accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	62de65c2e890d8001236d2a3-637edb8cf1e5bd0020b225b1.json Show response g.ladicdn.com/ladichat-sdk/	5 KB 2 KB	161ms 161ms	XHR text/plain	18.138.206.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ladicdn.com/ladichat-sdk/62de65c2e890d8001236d2a3-637edb8cf1e5bd0020b225b1.json?v=1672828167995 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/ladichat/ladichat.min.js?ver=1672828162370 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.138.206.213 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-206-213.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 0c4d98529b25d522468f6019401490ea62599177f00eb360b3badc3d697bb64c Request headers accept-language de-DE,de;q=0.9 Referer https://lixi.vietmoney.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 04 Jan 2023 10:29:28 GMT content-encoding gzip last-modified Thu, 24 Nov 2022 04:54:05 GMT server openresty vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * statuscode 200
POST		get-config api.ladichat.com/1.0/store/	0 0
OPTIONS		get-config api.ladichat.com/1.0/store/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.ladichat.com

URL

https://api.ladichat.com/1.0/store/get-config

Domain

api.ladichat.com

URL

https://api.ladichat.com/1.0/store/get-config

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi object| LadiPageCommand function| equalsLadiPage function| isObjectLadiPage function| isArrayLadiPage function| isFunctionLadiPage function| isBooleanLadiPage function| isStringLadiPage function| isEmptyLadiPage function| isNullLadiPage function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp object| chatbox function| fbAsyncInit string| SDK_URL object| FB function| StaticConfig object| linkify function| linkifyElement function| io object| LadiChat object| LadiChat_Helper object| LadiChat_Config object| LadiChat_Static_Config

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lixi.vietmoney.vn/	1970-01-20 18:16:28	Name: LADI_DNS_CHECK Value: "2023-01-04 10:29:21.996466181 +0000 UTC m=+598200.693191528"
			lixi.vietmoney.vn/	1970-01-20 18:16:28	Name: LADI_CLIENT_ID Value: 7231b93c-8ee9-49b1-583f-a2cd88525a58
			lixi.vietmoney.vn/	1970-01-20 18:16:28	Name: LADI_FORM_SUBMIT Value: 0
			lixi.vietmoney.vn/	1970-01-20 18:16:28	Name: LADI_PAGE_VIEW Value: 1
			lixi.vietmoney.vn/	1970-01-20 08:41:54	Name: _timenow Value: 1672828162328

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
api.ladichat.com
connect.facebook.net
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
g.ladicdn.com
lixi.vietmoney.vn
socialplugin.facebook.net
w.ladicdn.com
www.facebook.com
api.ladichat.com
13.215.210.217
18.138.206.213
2400:52e0:1e00::1049:1
2a00:1450:400d:807::200a
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
3.1.75.19
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
0527e7768ffee8fc93e0e50fc438c7ef63804be84c473e812fe54e224047f840
0c4d98529b25d522468f6019401490ea62599177f00eb360b3badc3d697bb64c
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
2abc1fb0ec049e66b90e1c4a9e0ffe036226d65432196a6c5c96b6f8b26859c2
34317680356282d1e95750fb797e06fb140e68329184331e672b7d2e0163ea18
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
5581db577a49594a8daa0eb3805cfc87d04e53525f5d309a07c6bec89fd5304b
6ba5ff4348cb22159aff1a61937863ae4c76b850950f38d0581e93d251cb7a86
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
91f5d00a24644fc4205574cd16e21200f3049b0c511c7a33692215b245370073
9efd27f1e8bac281c859be82bd2551910335f104e7c9a33979371e7945b5f572
abd711d60be78da977b5f635e4574fdc8bd9a5fc1208d08b05c6c0c8ca39ff1b
b3fcc71fcfe376f7f3e86193b8d9accdf6c94bc60675abcdb65141b0c5961072
b64036116bf5824ee8150b1da696a6c8dfd4854d07901ceced4de34b9e48c4c7
ba71bf506c5594413c0368b8ce929711b13a3bede1acc4f91e1173236727a074
bfcff388b085c6115a106b223877514780c86089232baf762524eb7822146141
c16bdfcd2d5b73f569e3107d0bb29feb90a3507007031fef3d245dee4d94fa79
c51ea5d19d76614f31bcf7a2b16e495e304090b76ddc42f5459b6c5177c945a5
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
d522c0f1739c2d599f6eb70da117798fd659653f47fc5873d939ebb907591112
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
fad988f0d7254a0f9516c938fe9d37da24ab87898bbcbb8672656a189d9b8c3d
fc2816b915038ffed01a1c8df11f759a79bc5f4f480e369e1ab5b3583856075b