Submitted URL: https://clients.onefxea.com/
Effective URL: https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 30 HTTP transactions. The main IP is 123.30.249.124, located in Viet Nam and belongs to VNPT-AS-VN VNPT Corp, VN. The main domain is clients.onefxea.com.
TLS certificate: Issued by E6 on July 9th 2024. Valid for: 3 months.
This is the only time clients.onefxea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 123.30.249.124 45899 (VNPT-AS-V...)
3 142.250.184.228 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 3
Apex Domain
Subdomains
Transfer
27 onefxea.com
clients.onefxea.com
356 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
984 B
1 gstatic.com
www.gstatic.com
212 KB
30 3
Domain Requested by
27 clients.onefxea.com 1 redirects clients.onefxea.com
3 www.google.com clients.onefxea.com
www.gstatic.com
1 www.gstatic.com www.google.com
30 3

This site contains no links.

Subject Issuer Validity Valid
clients.onefxea.com
E6
2024-07-09 -
2024-10-07
3 months crt.sh
*.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.gstatic.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh

This page contains 3 frames:

Primary Page: https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
Frame ID: 89EC794FB4B089E7068168F9E0BFFB52
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekJUQpAAAAALPfebrIrr0Km_7AnYUQzmWemq90&co=aHR0cHM6Ly9jbGllbnRzLm9uZWZ4ZWEuY29tOjQ0Mw..&hl=en&type=image&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=k14te9dl05k9
Frame ID: B090F92EACCE8322B2F4F95C7BA7350F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LekJUQpAAAAALPfebrIrr0Km_7AnYUQzmWemq90
Frame ID: DC893381B011E6F881D1BC40C10B020A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Member login

Page URL History Show full URLs

  1. https://clients.onefxea.com/ HTTP 301
    https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

30
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

568 kB
Transfer

1229 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clients.onefxea.com/ HTTP 301
    https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
clients.onefxea.com/users/login/
Redirect Chain
  • https://clients.onefxea.com/
  • https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
10 KB
4 KB
Document
General
Full URL
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
d83b87f5f5e7e6c4727b7232cf1b34f31c97b2349ea781c31b6cfffd56f02b86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
2889
content-type
text/html; charset=UTF-8
date
Tue, 09 Jul 2024 14:46:43 GMT
expires
-1
last-modified
Mon, 08 Jul 2024 14:46:43 GMT
link
</assets/css/font-awesome.min.css?t=1699873301>; rel=preload; as=style, </themes/default/css/bootstrap.min.css?t=1699873301>; rel=preload; as=style, </themes/default/css/style.css?t=1699873301>; rel=preload; as=style, </themes/default/css/web24.css?t=1699873301>; rel=preload; as=style, </themes/default/css/style.responsive.css?t=1699873301>; rel=preload; as=style, </themes/default/css/users.css?t=1699873301>; rel=preload; as=style, </themes/default/css/custom.css?t=1699873301>; rel=preload; as=style, </themes/default/css/top_menu.css?t=1699873301>; rel=preload; as=style, </assets/js/jquery/jquery.min.js?t=1699873301>; rel=preload; as=script, </assets/js/jquery/jquery.min.js?t=1699873301>; rel=preload; as=script, </assets/js/language/en.js?t=1699873301>; rel=preload; as=script, </assets/js/DOMPurify/purify.js?t=1699873301>; rel=preload; as=script, </assets/js/global.js?t=1699873301>; rel=preload; as=script, </assets/js/site.js?t=1699873301>; rel=preload; as=script, </themes/default/js/users.js?t=1699873301>; rel=preload; as=script, </themes/default/js/main.js?t=1699873301>; rel=preload; as=script, </themes/default/js/custom.js?t=1699873301>; rel=preload; as=script, </themes/default/js/top_menu.js?t=1699873301>; rel=preload; as=script, </themes/default/js/bootstrap.min.js?t=1699873301>; rel=preload; as=script
permissions-policy
interest-cohort=()
pragma
no-cache
referrer-policy
no-referrer-when-downgrade, strict-origin-when-cross-origin
server
Apache/2
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, follow
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Jul 2024 14:46:43 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
pragma
no-cache
server
Apache/2
vary
User-Agent
font-awesome.min.css
clients.onefxea.com/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://clients.onefxea.com/assets/css/font-awesome.min.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
32a372828a837931b0a9238ffbd23f3921e389c726418b207eb43d8b0d702f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:13:44 GMT
server
Apache/2
etag
"7867-5e1d6d0b00200-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
7006
x-xss-protection
1; mode=block
bootstrap.min.css
clients.onefxea.com/themes/default/css/
113 KB
18 KB
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/bootstrap.min.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
1d46a78c17d1f7b18a2d9e0b3b422e0912c88ed9e9c556a93d2a50275f2a9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"1c26b-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
18540
x-xss-protection
1; mode=block
style.css
clients.onefxea.com/themes/default/css/
41 KB
9 KB
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/style.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
96ab69c7bf79bc856a26d90ece708a0c78d2544c8a4d48ff74118a3ab58ef8f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 14:26:16 GMT
server
Apache/2
etag
"a564-603fc7a22b200-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
8775
x-xss-protection
1; mode=block
web24.css
clients.onefxea.com/themes/default/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/web24.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
28632e28cae5dff8a40974c359d2589d4b3ce11f3380c1d9bb62e45743b987cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 13:28:57 GMT
server
Apache/2
etag
"637e-60a08a6ef9840-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
4711
x-xss-protection
1; mode=block
style.responsive.css
clients.onefxea.com/themes/default/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/style.responsive.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
e0d25147eade8f569fc806751a0dadfca562f80496cc2d2488ce78f5df06bcd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2023 08:52:32 GMT
server
Apache/2
etag
"1fff-6076cf1a13400-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
1856
x-xss-protection
1; mode=block
users.css
clients.onefxea.com/themes/default/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/users.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
48972d11252ccc466a3a7e38246dc9de5c4c868d3d18a1823cf922788900c513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Oct 2023 12:06:05 GMT
server
Apache/2
etag
"1d2e-608d9bef64540-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
1835
x-xss-protection
1; mode=block
custom.css
clients.onefxea.com/themes/default/css/
357 B
374 B
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/custom.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
42c18826bab08f8433ed4727923c536b54db688810dff250a4bef774b3fcd827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"165-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
293
x-xss-protection
1; mode=block
top_menu.css
clients.onefxea.com/themes/default/css/
2 KB
818 B
Stylesheet
General
Full URL
https://clients.onefxea.com/themes/default/css/top_menu.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
a65f4ad1b00225bd2f9709233cbee4b344f520173ea5a5d646408490d17933f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Oct 2023 11:28:17 GMT
server
Apache/2
etag
"95a-608d937c75640-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
736
x-xss-protection
1; mode=block
jquery.min.js
clients.onefxea.com/assets/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://clients.onefxea.com/assets/js/jquery/jquery.min.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:13:44 GMT
server
Apache/2
etag
"15d9d-5e1d6d0b00200-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
30902
x-xss-protection
1; mode=block
en.js
clients.onefxea.com/assets/js/language/
6 KB
2 KB
Script
General
Full URL
https://clients.onefxea.com/assets/js/language/en.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
195163518f440b94fe2e969555284207728703716098b79c04314173d74b2e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"174b-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
2152
x-xss-protection
1; mode=block
purify.js
clients.onefxea.com/assets/js/DOMPurify/
21 KB
8 KB
Script
General
Full URL
https://clients.onefxea.com/assets/js/DOMPurify/purify.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
115be10df43e19ced27a02f22fca13b8857fac52864591cbcff5015e74ce0627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:13:44 GMT
server
Apache/2
etag
"52b0-5e1d6d0b00200-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
8271
x-xss-protection
1; mode=block
global.js
clients.onefxea.com/assets/js/
15 KB
5 KB
Script
General
Full URL
https://clients.onefxea.com/assets/js/global.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
10188398053694c3d42984d33a498e8a3514ff07383ee6474513673c1c46e3b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"3dae-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
4913
x-xss-protection
1; mode=block
site.js
clients.onefxea.com/assets/js/
907 B
595 B
Script
General
Full URL
https://clients.onefxea.com/assets/js/site.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
d05090ad47b860e895cd43fac0f13d56b8c10c53ee7fb1e8ca2f2b073fb91d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:13:48 GMT
server
Apache/2
etag
"38b-5e1d6d0ed0b00-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
513
x-xss-protection
1; mode=block
users.js
clients.onefxea.com/themes/default/js/
29 KB
6 KB
Script
General
Full URL
https://clients.onefxea.com/themes/default/js/users.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
0eb842b1fadecf553daa5a752e58ffc601b62ff58db3665e8fd938700f7fa903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"72c0-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
6048
x-xss-protection
1; mode=block
main.js
clients.onefxea.com/themes/default/js/
25 KB
6 KB
Script
General
Full URL
https://clients.onefxea.com/themes/default/js/main.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
f4eea55f439037523d542cfa498e13bc8910850dc96e0140189c340ff15c8ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"65b4-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
6518
x-xss-protection
1; mode=block
custom.js
clients.onefxea.com/themes/default/js/
356 B
349 B
Script
General
Full URL
https://clients.onefxea.com/themes/default/js/custom.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
0d7a721ac9e91827007481b172c9ebaa37b0ab334be201ff9549224ae3acb3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jun 2022 01:34:16 GMT
server
Apache/2
etag
"164-5e1d71a1ed600-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
292
x-xss-protection
1; mode=block
top_menu.js
clients.onefxea.com/themes/default/js/
177 B
196 B
Script
General
Full URL
https://clients.onefxea.com/themes/default/js/top_menu.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
cda69da913743135ba4b1b067f540b74d982f376783b9feb886ee4b339497a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Oct 2022 07:44:55 GMT
server
Apache/2
etag
"b1-5ea58de878bc0-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
116
x-xss-protection
1; mode=block
bootstrap.min.js
clients.onefxea.com/themes/default/js/
34 KB
9 KB
Script
General
Full URL
https://clients.onefxea.com/themes/default/js/bootstrap.min.js?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
fccc48c02caa70da1bc5a4a7e06048797bf74e3d1a5638bcaeb46e02e8d09210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Jun 2022 00:42:38 GMT
server
Apache/2
etag
"86aa-5e19a07f0fb80-gzip"
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
9282
x-xss-protection
1; mode=block
logo.png
clients.onefxea.com/uploads/
11 KB
11 KB
Image
General
Full URL
https://clients.onefxea.com/uploads/logo.png
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
6e94056227e9bcd7e6e8a9cc2976650c0bc5608c865e45a36c24dd6f0325881f

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:43 GMT
last-modified
Wed, 03 Jan 2024 07:02:23 GMT
server
Apache/2
etag
"2d45-60e05326a2d15"
content-type
image/png
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
11589
index.php
clients.onefxea.com/
692 B
565 B
Image
General
Full URL
https://clients.onefxea.com/index.php?second=cronjobs&p=q52drGzD
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
134c2ed468f37ed61c5f1109a2ce3750495f551376f323c85d7b6061c2ae2d63

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2024 14:46:43 GMT
content-encoding
gzip
server
Apache/2
vary
Accept-Encoding,User-Agent
content-type
image/jpg
cache-control
no-store, no-cache, must-revalidate
content-length
524
expires
Thu, 19 Nov 1981 08:52:00 GMT
bg.jpg
clients.onefxea.com/themes/default/images/
156 KB
156 KB
Image
General
Full URL
https://clients.onefxea.com/themes/default/images/bg.jpg
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/themes/default/css/top_menu.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
7c08b1f34081749cd564aac907e0ebcf7bc8faecd3b7551f4447a784fcc07296

Request headers

Referer
https://clients.onefxea.com/themes/default/css/top_menu.css?t=1699873301
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:44 GMT
last-modified
Thu, 09 Nov 2023 08:43:51 GMT
server
Apache/2
etag
"27034-609b433f93fc0"
content-type
image/jpeg
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
159796
required.png
clients.onefxea.com/themes/default/images/icons/
194 B
242 B
Image
General
Full URL
https://clients.onefxea.com/themes/default/images/icons/required.png
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/themes/default/css/style.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
9cb4e16246b35a90ddc8ff585670beb0fcf320cfcbd985a8aff8db6d08d3059c

Request headers

Referer
https://clients.onefxea.com/themes/default/css/style.css?t=1699873301
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:44 GMT
last-modified
Fri, 17 Jun 2022 00:42:38 GMT
server
Apache/2
etag
"c2-5e19a07f0fb80"
content-type
image/png
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
194
museo-sans-700-webfont.woff
clients.onefxea.com/themes/default/fonts/
33 KB
33 KB
Font
General
Full URL
https://clients.onefxea.com/themes/default/fonts/museo-sans-700-webfont.woff
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/themes/default/css/web24.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
3675ed57fbe359962a7a4a6c67096a2e59a4e3930a0ffb8550414e03a0c89dc2

Request headers

Referer
https://clients.onefxea.com/themes/default/css/web24.css?t=1699873301
Origin
https://clients.onefxea.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:44 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 08:27:10 GMT
server
Apache/2
etag
"823e-5ea5975a09380-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-font-woff
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
33339
museo-sans-300-webfont.woff
clients.onefxea.com/themes/default/fonts/
34 KB
35 KB
Font
General
Full URL
https://clients.onefxea.com/themes/default/fonts/museo-sans-300-webfont.woff
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/themes/default/css/web24.css?t=1699873301
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
6a382a283c77b7e93e7bb5b0b1902242082a4800dac20da3334d641093b33005

Request headers

Referer
https://clients.onefxea.com/themes/default/css/web24.css?t=1699873301
Origin
https://clients.onefxea.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:44 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 08:27:09 GMT
server
Apache/2
etag
"89a9-5ea5975915140-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-font-woff
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
35242
api.js
www.google.com/recaptcha/
1 KB
984 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=en&onload=reCaptcha2OnLoad&render=explicit
Requested by
Host: clients.onefxea.com
URL: https://clients.onefxea.com/themes/default/js/main.js?t=1699873301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
62f402f313d75c65f5ee673f8715d460be4235c0b9bd2f46ca43e33d2173895c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 09 Jul 2024 14:58:37 GMT
favicon.png
clients.onefxea.com/uploads/
4 KB
4 KB
Other
General
Full URL
https://clients.onefxea.com/uploads/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.249.124 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
melodylogistics.com
Software
Apache/2 /
Resource Hash
8f54494e39fc90077b1319ba1cc432f24d9017c7fe9b083a9f1b5f78ef596e90

Request headers

Referer
https://clients.onefxea.com/users/login/?nv_redirect=h2wpoS0y4eOK7qqsiJECiTaPddMTqIM0IiifciKUGqc%2C
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:46:44 GMT
last-modified
Wed, 03 Jan 2024 07:02:30 GMT
server
Apache/2
etag
"e86-60e0532cce685"
content-type
image/png
cache-control
public, max-age=2592000, no-cache="set-cookie"
accept-ranges
bytes
content-length
3718
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/
534 KB
212 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&onload=reCaptcha2OnLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clients.onefxea.com/
Origin
https://clients.onefxea.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216123
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 14:13:55 GMT
anchor
www.google.com/recaptcha/api2/ Frame B090
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekJUQpAAAAALPfebrIrr0Km_7AnYUQzmWemq90&co=aHR0cHM6Ly9jbGllbnRzLm9uZWZ4ZWEuY29tOjQ0Mw..&hl=en&type=image&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=k14te9dl05k9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8STFJC6F_WpiHtXjenn84g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8STFJC6F_WpiHtXjenn84g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 14:58:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame DC89
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LekJUQpAAAAALPfebrIrr0Km_7AnYUQzmWemq90
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JjegQcHEDxmH1NMW-Kp8nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.onefxea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JjegQcHEDxmH1NMW-Kp8nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 14:58:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery string| nv_base_siteurl string| nv_lang_data string| nv_lang_interface string| nv_name_variable string| nv_fc_variable string| nv_lang_variable string| nv_module_name string| nv_func_name number| nv_my_ofs string| nv_my_abbr string| nv_cookie_prefix number| nv_check_pass_mstime number| theme_responsive number| nv_recaptcha_ver string| nv_recaptcha_sitekey string| nv_recaptcha_type number| XSSsanitize object| nv_aryDayName object| nv_aryDayNS object| nv_aryMonth object| nv_aryMS object| nv_admlogout_confirm object| nv_is_del_confirm object| nv_is_change_act_confirm object| nv_is_empty_confirm object| nv_is_recreate_confirm object| nv_is_add_user_confirm object| nv_is_exclude_user_confirm string| nv_formatString string| nv_gotoString string| nv_todayString string| nv_weekShortString string| nv_weekString string| nv_scrollLeftMessage string| nv_scrollRightMessage string| nv_selectMonthMessage string| nv_selectYearMessage string| nv_selectDateMessage string| nv_loadingText string| nv_loadingTitle string| nv_focusTitle string| nv_fullExpandTitle string| nv_restoreTitle string| nv_error_login string| nv_error_password string| nv_error_email string| nv_error_seccode string| nv_login_failed string| nv_content_failed string| nv_required string| nv_remote string| nv_email string| nv_url string| nv_date string| nv_dateISO string| nv_number string| nv_digits string| nv_creditcard string| nv_equalTo string| nv_accept string| nv_maxlength string| nv_minlength string| nv_rangelength string| nv_range string| nv_max string| nv_min string| nv_fullname string| nv_title string| nv_content string| nv_code string| nv_msgbeforeunload object| NVJL function| DOMPurify boolean| GK boolean| SA function| DOM object| nv_mailfilter object| nv_numcheck object| nv_namecheck object| nv_uname_filter object| nv_md5check object| nv_imgexts string| nv_iChars object| nv_specialchars number| nv_old_Minute string| strHref string| script_name string| query_string function| nv_email_check function| nv_num_check function| nv_name_check function| nv_md5_check function| nv_iChars_check function| nv_iChars_Remove function| nv_setCookie function| nv_getCookie function| nv_check_timezone function| is_array function| strip_tags function| trim function| rawurlencode function| rawurldecode function| is_numeric function| intval function| nv_is_dst function| nv_DigitalClock function| nv_show_hidden function| nv_checkAll function| nv_UncheckAll function| nv_set_disable_false function| nv_settimeout_disable function| nv_randomPassword function| nv_urldecode_ajax function| nv_isExternal function| nv_open_browse function| nv_setIframeHeight function| formXSSsanitize function| btnClickSubmit function| addpass function| safe_deactivate_show function| safekeySend function| changeAvatar function| deleteAvatar function| datepickerShow function| button_datepickerShow function| verkeySend function| addQuestion function| usageTermsShow function| validErrorShow function| uname_check function| required_uname_check function| login_check function| validCheck function| validErrorHidden function| formErrorHidden function| validReset function| login_validForm function| reg_validForm function| lostpass_validForm function| changemail_validForm function| bt_logout function| login2step_change object| UAV boolean| tip_autoclose boolean| ftip_autoclose number| winX number| winY number| cRangeX number| cRangeY number| docX number| docY object| brcb object| siteMenu object| reCapIDs function| winResize function| fix_banner_center function| timeoutsesscancel function| timeoutsessrun function| locationReplace function| checkWidthMenu function| checkAll function| checkSingle function| tipHide function| ftipHide function| tipAutoClose function| ftipAutoClose function| tipShow function| ftipShow function| openID_load function| openID_result function| qrcodeLoad function| switchTab function| loginForm function| modalShow function| modalShowByObj function| nvbreadcrumbs function| showSubBreadcrumbs function| cookie_notice_hide function| change_captcha function| isRecaptchaCheck function| reCaptcha2Recreate function| reCaptcha2OnLoad function| reCaptcha2Callback function| reCaptcha2ApiLoad function| reCaptcha3OnLoad function| reCaptcha3ApiLoad object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_289656

5 Cookies

Domain/Path Name / Value
.clients.onefxea.com/ Name: nv4_ctr
Value: ODBfMjU1XzdfMTA3LkRF
.clients.onefxea.com/ Name: nv4_sess
Value: gaqkoufhpv9jsr98bj1j7v2ip0
.clients.onefxea.com/ Name: nv4_statistic_en
Value: DMSc-KazPtoYs-_-gpymqg%2C%2C
.clients.onefxea.com/ Name: nv4_nventhemever
Value: ep_1It6I-91byBG0zDRjLg%2C%2C
.clients.onefxea.com/ Name: nv4_cltz
Value: 120.60.120%257C%252F%257C.clients.onefxea.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clients.onefxea.com
www.google.com
www.gstatic.com
123.30.249.124
142.250.184.228
2a00:1450:4001:80e::2003
0d7a721ac9e91827007481b172c9ebaa37b0ab334be201ff9549224ae3acb3a3
0eb842b1fadecf553daa5a752e58ffc601b62ff58db3665e8fd938700f7fa903
0ec782544506a0aea967ea044659c633e1ee735b79e5172cb263797cc5cefe3a
10188398053694c3d42984d33a498e8a3514ff07383ee6474513673c1c46e3b7
115be10df43e19ced27a02f22fca13b8857fac52864591cbcff5015e74ce0627
134c2ed468f37ed61c5f1109a2ce3750495f551376f323c85d7b6061c2ae2d63
195163518f440b94fe2e969555284207728703716098b79c04314173d74b2e0f
1d46a78c17d1f7b18a2d9e0b3b422e0912c88ed9e9c556a93d2a50275f2a9139
28632e28cae5dff8a40974c359d2589d4b3ce11f3380c1d9bb62e45743b987cd
32a372828a837931b0a9238ffbd23f3921e389c726418b207eb43d8b0d702f9a
3675ed57fbe359962a7a4a6c67096a2e59a4e3930a0ffb8550414e03a0c89dc2
42c18826bab08f8433ed4727923c536b54db688810dff250a4bef774b3fcd827
48972d11252ccc466a3a7e38246dc9de5c4c868d3d18a1823cf922788900c513
62f402f313d75c65f5ee673f8715d460be4235c0b9bd2f46ca43e33d2173895c
6a382a283c77b7e93e7bb5b0b1902242082a4800dac20da3334d641093b33005
6e94056227e9bcd7e6e8a9cc2976650c0bc5608c865e45a36c24dd6f0325881f
7c08b1f34081749cd564aac907e0ebcf7bc8faecd3b7551f4447a784fcc07296
8f54494e39fc90077b1319ba1cc432f24d9017c7fe9b083a9f1b5f78ef596e90
96ab69c7bf79bc856a26d90ece708a0c78d2544c8a4d48ff74118a3ab58ef8f7
9cb4e16246b35a90ddc8ff585670beb0fcf320cfcbd985a8aff8db6d08d3059c
a65f4ad1b00225bd2f9709233cbee4b344f520173ea5a5d646408490d17933f5
cda69da913743135ba4b1b067f540b74d982f376783b9feb886ee4b339497a0f
d05090ad47b860e895cd43fac0f13d56b8c10c53ee7fb1e8ca2f2b073fb91d1a
d83b87f5f5e7e6c4727b7232cf1b34f31c97b2349ea781c31b6cfffd56f02b86
e0d25147eade8f569fc806751a0dadfca562f80496cc2d2488ce78f5df06bcd0
f4eea55f439037523d542cfa498e13bc8910850dc96e0140189c340ff15c8ff5
fccc48c02caa70da1bc5a4a7e06048797bf74e3d1a5638bcaeb46e02e8d09210
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e