Submitted URL: http://baodantri.com.vn/chung-khoan-nhan-qua
Effective URL: https://inves.nextevent.vn/dtk
Submission: On June 18 via api from BE

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 32 HTTP transactions. The main IP is 52.221.6.123, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is inves.nextevent.vn.
TLS certificate: Issued by R3 on May 24th 2021. Valid for: 3 months.
This is the only time inves.nextevent.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.252.250.10 63760 (AZDIGI-AS...)
1 52.221.6.123 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 54.169.13.63 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.77.4.114 16509 (AMAZON-02)
1 13.251.251.159 16509 (AMAZON-02)
32 9
Domain Requested by
14 w.ladicdn.com inves.nextevent.vn
12 fonts.gstatic.com fonts.googleapis.com
2 a.ladipage.com w.ladicdn.com
2 static.ladipage.net 2 redirects
1 g.ladicdn.com w.ladicdn.com
1 img.youtube.com inves.nextevent.vn
1 fonts.googleapis.com inves.nextevent.vn
1 inves.nextevent.vn
1 baodantri.com.vn 1 redirects
32 9

This site contains links to these domains. Also see Links.

Domain
zoom.us
Subject Issuer Validity Valid
inves.nextevent.vn
R3
2021-05-24 -
2021-08-22
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3
2021-06-12 -
2022-06-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
g.ladicdn.com
R3
2021-06-05 -
2021-09-03
3 months crt.sh
a.ladipage.com
Amazon
2020-07-31 -
2021-08-30
a year crt.sh

This page contains 1 frames:

Primary Page: https://inves.nextevent.vn/dtk
Frame ID: 3A82A6128F4D1D1EA928FFB7D0AE496D
Requests: 32 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://baodantri.com.vn/chung-khoan-nhan-qua HTTP 307
    https://inves.nextevent.vn/dtk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1050 kB
Transfer

1520 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://baodantri.com.vn/chung-khoan-nhan-qua HTTP 307
    https://inves.nextevent.vn/dtk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg
Request Chain 29
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request dtk
inves.nextevent.vn/
Redirect Chain
  • http://baodantri.com.vn/chung-khoan-nhan-qua
  • https://inves.nextevent.vn/dtk
240 KB
34 KB
Document
General
Full URL
https://inves.nextevent.vn/dtk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.6.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
084c00e315311e0f96382851a07e8b8c5b9cc2d14b39f763fce3f20b8f223c88

Request headers

:method
GET
:authority
inves.nextevent.vn
:scheme
https
:path
/dtk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Jun 2021 01:57:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=d75fd8e2-a436-41fd-7298-67bd83dc537d; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_PAGE_VIEW=0; Path=/dtk; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_PAGE_VIEW_PATH=0; Path=/dtk; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_FORM_SUBMIT=0; Path=/dtk; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_FORM_SUBMIT_PATH=0; Path=/dtk; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_PAGE_VIEW=1; Path=/dtk; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_PAGE_VIEW_PATH=1; Path=/dtk; Expires=Mon, 16 Jun 2031 01:57:00 GMT LADI_CAMP_ID=; Path=/dtk; Max-Age=0 LADI_CAMP_NAME=; Path=/dtk; Max-Age=0 LADI_CAMP_TYPE=; Path=/dtk; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Path=/dtk; Max-Age=0 LADI_CAMP_TARGET_URL=; Path=/dtk; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Path=/dtk; Max-Age=0 LADI_CAMP_PAGE_VIEW_PATH=; Path=/dtk; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Path=/dtk; Max-Age=0 LADI_CAMP_FORM_SUBMIT_PATH=; Path=/dtk; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Path=/dtk; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW_PATH=; Path=/dtk; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Path=/dtk; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT_PATH=; Path=/dtk; Max-Age=0 LADI_CAMP_CONFIG=; Path=/dtk; Max-Age=0 LADI_CAMP_END_DATE=; Path=/dtk; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Path=/dtk; Max-Age=0 LADI_FUNNEL_PREV_URL=; Path=/dtk; Max-Age=0
statuscode
200
content-encoding
gzip

Redirect headers

Connection
Keep-Alive
X-Powered-By
PHP/7.3.28
Set-Cookie
prli_click_2=chung-khoan-nhan-qua; expires=Sun, 18-Jul-2021 01:56:59 GMT; Max-Age=2592000; path=/ prli_visitor=60cbfd6b96c78; expires=Sat, 18-Jun-2022 01:56:59 GMT; Max-Age=31536000; path=/
X-Robots-Tag
noindex, nofollow
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Expires
Mon, 07 Jul 1777 07:07:07 GMT
X-Redirect-Powered-By
Pretty Link Pro 3.2.3 http://prettylink.com
X-Redirect-By
WordPress
Location
https://inves.nextevent.vn/dtk
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Fri, 18 Jun 2021 01:56:59 GMT
Server
LiteSpeed
Strict-Transport-Security
max-age=15768000; includeSubDomains
css
fonts.googleapis.com/
9 KB
905 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a7fbd542de5216d417cc58bd33f299ffe7706b3bf24e145e5109440da767750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 00:45:38 GMT
server
ESF
date
Fri, 18 Jun 2021 01:57:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Jun 2021 01:57:00 GMT
ladipage.vi.min.js
w.ladicdn.com/v2/source/
249 KB
53 KB
Script
General
Full URL
https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1623298970246
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c1dce2c0453c9665d283a6d034c8cdaaf3fc3ea77acbb31b4a421d380bc18f

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
681568
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f07230000c30390972000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e7850ff6c303-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
734 B
Image
General
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5213130
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f09e800004ed9aab47000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e7897d2d4ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:01 GMT

Redirect headers

location
https://w.ladicdn.com:443/source/notify.svg
date
Fri, 18 Jun 2021 01:57:00 GMT
server
awselb/2.0
content-length
134
content-type
text/html
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:50:35 GMT
x-content-type-options
nosniff
age
507985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:50:35 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 07:03:53 GMT
x-content-type-options
nosniff
age
499987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11708
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:03:53 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 09:26:30 GMT
x-content-type-options
nosniff
age
491430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 09:26:30 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 06:09:53 GMT
x-content-type-options
nosniff
age
503227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:09:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options
nosniff
age
499108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:18:32 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 07:40:44 GMT
x-content-type-options
nosniff
age
497776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:40:44 GMT
mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFW50bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 13:39:33 GMT
x-content-type-options
nosniff
age
476247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:39:33 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 13:40:26 GMT
x-content-type-options
nosniff
age
476194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:40:26 GMT
ladipage.min.css
w.ladicdn.com/v2/source/
65 KB
6 KB
Stylesheet
General
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1623298970246
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
681568
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f082500004ed965b61000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786a9504ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
dataset.min.js
w.ladicdn.com/v2/source/
5 KB
2 KB
Script
General
Full URL
https://w.ladicdn.com/v2/source/dataset.min.js?v=1623298970246
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545575f8cb53bb14294acc7a2cafa73c992cf6228cd714b5260801fa2ad771ad

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
681420
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f082500004ed9ad909000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786a9514ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
brickwall.png
w.ladicdn.com/s700x1100/57b167c9ca57d39c18a1c57c/
3 KB
4 KB
Image
General
Full URL
https://w.ladicdn.com/s700x1100/57b167c9ca57d39c18a1c57c/brickwall.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1627cf86991d66fec3986ebb44266761652bc797b1c354bbe16804eccee49b

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
age
697912
cf-polished
origFmt=png, origSize=6230
content-disposition
inline; filename="brickwall.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f082500004ed99092f000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786a94e4ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
bg-footer.png
w.ladicdn.com/s700x2050/57b167c9ca57d39c18a1c57c/
62 KB
63 KB
Image
General
Full URL
https://w.ladicdn.com/s700x2050/57b167c9ca57d39c18a1c57c/bg-footer.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d1f530e36b38a088074c3b5e12391ed9a1504513c6372ad8de3be42bc14afa

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
age
146406
cf-polished
origFmt=png, origSize=144701
content-disposition
inline; filename="bg-footer.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f082600004ed979a10000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786a9554ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
footer-star-2.png
w.ladicdn.com/s700x1100/57b167c9ca57d39c18a1c57c/
12 KB
13 KB
Image
General
Full URL
https://w.ladicdn.com/s700x1100/57b167c9ca57d39c18a1c57c/footer-star-2.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848ff4a51d79abd54228aaad2497aa60652bdd605edd9fe2f7ed3d02921f8ca2

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=59043
content-disposition
inline; filename="footer-star-2.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f082500004ed96e3fb000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786a9524ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 06:17:51 GMT
x-content-type-options
nosniff
age
502749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:17:51 GMT
mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2
fonts.gstatic.com/s/opensans/v20/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3602bf738566f334e1cebb6e5846cbe12a8293db756cd23644a06256dd261239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:27:58 GMT
x-content-type-options
nosniff
age
505742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6364
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:27:58 GMT
mem8YaGs126MiZpBA-UFWp0bbck.woff2
fonts.gstatic.com/s/opensans/v20/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFWp0bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9616881bf47c6526f8f1552b31d1b399fb5a95922a3b8914cc6972cf6aacaa72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 08:00:39 GMT
x-content-type-options
nosniff
age
496581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6168
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 08:00:39 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://inves.nextevent.vn
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:40:34 GMT
x-content-type-options
nosniff
age
504986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:40:34 GMT
bg-footer.png
w.ladicdn.com/s1440x678/57b167c9ca57d39c18a1c57c/
63 KB
63 KB
Image
General
Full URL
https://w.ladicdn.com/s1440x678/57b167c9ca57d39c18a1c57c/bg-footer.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ecdef7db238ecc5958abed6e7151fa5d7ed9df79a0afffdf588a152004863d

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
age
697912
cf-polished
origFmt=png, origSize=80171
content-disposition
inline; filename="bg-footer.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f084900004ed946961000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786d99b4ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
dang-trong-khang-20210524032324.png
w.ladicdn.com/s900x950/5a16229bb0bd5e4ff08408e5/
242 KB
243 KB
Image
General
Full URL
https://w.ladicdn.com/s900x950/5a16229bb0bd5e4ff08408e5/dang-trong-khang-20210524032324.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a120e638ae040f1c7f8b86fa1fa55a4886f502e07576677f31303f178407e610

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
age
146405
cf-polished
origFmt=png, origSize=385994
content-disposition
inline; filename="dang-trong-khang-20210524032324.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f084b00004ed95ea5e000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786d9a04ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
truncated
/
476 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
013bd7c3b15bac87b667a3a37401d9d67dce80f08945133363761c612a8ecfaf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
business-rev-logo-20210524032501.png
w.ladicdn.com/s850x550/5a16229bb0bd5e4ff08408e5/
44 KB
45 KB
Image
General
Full URL
https://w.ladicdn.com/s850x550/5a16229bb0bd5e4ff08408e5/business-rev-logo-20210524032501.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b952a4baaa3e445e887dd3c5f8a409c04e7da91e46d9f5ac444d08dcea2f7f

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
age
50374
cf-polished
origFmt=png, origSize=74574
content-disposition
inline; filename="business-rev-logo-20210524032501.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f084b00004ed9b0187000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786d9a14ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
icon-live-20210529000737.png
w.ladicdn.com/s550x450/5a16229bb0bd5e4ff08408e5/
130 KB
131 KB
Image
General
Full URL
https://w.ladicdn.com/s550x450/5a16229bb0bd5e4ff08408e5/icon-live-20210529000737.png
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8000e1971e761677b4c491fe6724f0872ff9d0bb5fa0da1e6d3d21a4a7a5ed2

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
vary
Accept
cf-cache-status
HIT
age
50374
cf-polished
origFmt=png, origSize=177676
content-disposition
inline; filename="icon-live-20210529000737.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f084c00004ed96d2bb000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e786e9a34ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:00 GMT
hqdefault.jpg
img.youtube.com/vi/mdLo0BpVmDU/
12 KB
13 KB
Image
General
Full URL
https://img.youtube.com/vi/mdLo0BpVmDU/hqdefault.jpg
Requested by
Host: inves.nextevent.vn
URL: https://inves.nextevent.vn/dtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e53c43eef88d03f1495dab1a256bf797b9305437f1bc6146425c699f72da983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:00 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12757
x-xss-protection
0
expires
Fri, 18 Jun 2021 03:57:00 GMT
event
a.ladipage.com/
0
0
Preflight
General
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
52.77.4.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
https://inves.nextevent.vn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Jun 2021 01:57:01 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
2592000
vary
Accept-Encoding
content-encoding
gzip
5a16229bb0bd5e4ff08408e5.json
g.ladicdn.com/dataset/
2 KB
980 B
XHR
General
Full URL
https://g.ladicdn.com/dataset/5a16229bb0bd5e4ff08408e5.json?id=604d4b159064d900205c7540
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1623298970246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.251.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-251-159.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b2c45ef1aac545797ccd5767d9615b2d918079eef8c9bb68d622dec6fd4a4bd3

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:01 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
statuscode
200
event
a.ladipage.com/
34 B
560 B
XHR
General
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1623298970246
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.4.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
d75fd8e2-a436-41fd-7298-67bd83dc537d
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://inves.nextevent.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1

Response headers

date
Fri, 18 Jun 2021 01:57:01 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
734 B
Image
General
Full URL
https://w.ladicdn.com/source/notify.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5213130
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f0c5f00004ed9ad93b000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e78d6a1a4ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:01 GMT

Redirect headers

location
https://w.ladicdn.com:443/source/notify.svg
date
Fri, 18 Jun 2021 01:57:01 GMT
server
awselb/2.0
content-length
134
content-type
text/html
142246857_102213151901036_3347332983390365229_n-20210506023027.jpg
w.ladicdn.com/5a16229bb0bd5e4ff08408e5/
168 KB
168 KB
Image
General
Full URL
https://w.ladicdn.com/5a16229bb0bd5e4ff08408e5/142246857_102213151901036_3347332983390365229_n-20210506023027.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ecf5c19f50bdfc49216b01929364dc55a836adc921940852a2c85c38f9422

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:11 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
146406
cf-polished
origSize=176579, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f32bc00004ed97f9bf000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e7cacf614ed9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:11 GMT
mi-edu-web-6-20210506021639.jpg
w.ladicdn.com/5a16229bb0bd5e4ff08408e5/
80 KB
80 KB
Image
General
Full URL
https://w.ladicdn.com/5a16229bb0bd5e4ff08408e5/mi-edu-web-6-20210506021639.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8088ccbc86b909e9e263d272d0b86c359403d40b921389c34c6ecbc2aa8270

Request headers

Referer
https://inves.nextevent.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 01:57:17 GMT
vary
Accept
cf-cache-status
HIT
cf-polished
origFmt=jpeg, origSize=192790
content-disposition
inline; filename="mi-edu-web-6-20210506021639.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abe6f48360000c303eda12000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6610e7ed2f64c303-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 18 Jun 2022 01:57:17 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ladi_viewport boolean| ladi_is_desktop function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp

6 Cookies

Domain/Path Name / Value
inves.nextevent.vn/dtk Name: _timenow
Value: 1623981420649
inves.nextevent.vn/dtk Name: LADI_PAGE_VIEW_PATH
Value: 1
inves.nextevent.vn/dtk Name: LADI_PAGE_VIEW
Value: 1
inves.nextevent.vn/ Name: LADI_CLIENT_ID
Value: d75fd8e2-a436-41fd-7298-67bd83dc537d
inves.nextevent.vn/dtk Name: LADI_FORM_SUBMIT_PATH
Value: 0
inves.nextevent.vn/dtk Name: LADI_FORM_SUBMIT
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
baodantri.com.vn
fonts.googleapis.com
fonts.gstatic.com
g.ladicdn.com
img.youtube.com
inves.nextevent.vn
static.ladipage.net
w.ladicdn.com
13.251.251.159
2606:4700::6812:c44
2a00:1450:4001:802::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
45.252.250.10
52.221.6.123
52.77.4.114
54.169.13.63
013bd7c3b15bac87b667a3a37401d9d67dce80f08945133363761c612a8ecfaf
084c00e315311e0f96382851a07e8b8c5b9cc2d14b39f763fce3f20b8f223c88
0c1627cf86991d66fec3986ebb44266761652bc797b1c354bbe16804eccee49b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1a7fbd542de5216d417cc58bd33f299ffe7706b3bf24e145e5109440da767750
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
3602bf738566f334e1cebb6e5846cbe12a8293db756cd23644a06256dd261239
40ecdef7db238ecc5958abed6e7151fa5d7ed9df79a0afffdf588a152004863d
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
545575f8cb53bb14294acc7a2cafa73c992cf6228cd714b5260801fa2ad771ad
5e53c43eef88d03f1495dab1a256bf797b9305437f1bc6146425c699f72da983
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6f6ecf5c19f50bdfc49216b01929364dc55a836adc921940852a2c85c38f9422
848ff4a51d79abd54228aaad2497aa60652bdd605edd9fe2f7ed3d02921f8ca2
9616881bf47c6526f8f1552b31d1b399fb5a95922a3b8914cc6972cf6aacaa72
a120e638ae040f1c7f8b86fa1fa55a4886f502e07576677f31303f178407e610
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa8088ccbc86b909e9e263d272d0b86c359403d40b921389c34c6ecbc2aa8270
b2c45ef1aac545797ccd5767d9615b2d918079eef8c9bb68d622dec6fd4a4bd3
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
d8000e1971e761677b4c491fe6724f0872ff9d0bb5fa0da1e6d3d21a4a7a5ed2
f5b952a4baaa3e445e887dd3c5f8a409c04e7da91e46d9f5ac444d08dcea2f7f
f5d1f530e36b38a088074c3b5e12391ed9a1504513c6372ad8de3be42bc14afa
f7c1dce2c0453c9665d283a6d034c8cdaaf3fc3ea77acbb31b4a421d380bc18f
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c