doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
104.16.119.40301 Moved Permanently 0 B URL HTTP/1.1 doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
IP 104.16.119.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 03:09:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 04:09:30 GMT
Location: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Server-Timing: cf-q-config;dur=7.0000023697503e-06
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: __cfruid=d044e217bbbd37931b692d97c6f216c23f972d8c-1670555370; path=/; domain=.doctordong.vn; HttpOnly
Server: cloudflare
CF-RAY: 776a8ad6cd4cb524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Fri, 09 Dec 2022 05:20:47 GMT
Date: Fri, 09 Dec 2022 03:09:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10385
Expires: Fri, 09 Dec 2022 06:02:35 GMT
Date: Fri, 09 Dec 2022 03:09:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 03:08:17 GMT
content-type: application/json
age: 73
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7542
Expires: Fri, 09 Dec 2022 05:15:12 GMT
Date: Fri, 09 Dec 2022 03:09:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ru6AFxMzMekkt+uhLBkpF9/XQPxCiXwsmzk72sjfdM5NxGHuQtO/75kKJKEkicEGb+LpEzVs5fw=
x-amz-request-id: JMZTX23YC8GJRTYG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 02:50:05 GMT
age: 1165
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:09:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6864130ed275ab56685548885c1e9c4d
169da4c7ad01aedc27acaf29c323ebebea4309c4
5cf7c5c89c101c1fa1f4a2cd1bdbd4513cfcd56298e6718ba7f2cfaaf1a09e10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159659
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:30 GMT
Etag: "63927395-118"
Expires: Sat, 10 Dec 2022 23:30:29 GMT
Last-Modified: Thu, 08 Dec 2022 23:30:29 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 03:07:59 GMT
age: 91
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1031
Cache-Control: max-age=108872
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:24:03 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.139.67101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kxOhlzBA/P58Q0fqJ7dGbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dTsgEepwsczaWBBqktTlis7kb2w=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Lc1f6oUAAAAAAwnoHkFB4GqHm19H5OCleA9pY0F
142.250.74.164200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lc1f6oUAAAAAAwnoHkFB4GqHm19H5OCleA9pY0F
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash b675b87b7799dce17b6193c6ab8ce759
8609835a35dbfd37201c74a5724727ddac16d7fc
46315158f84af0eb3c9296ee097b455832068df043bacbec1c2eacb003079d00
GET /recaptcha/api.js?render=6Lc1f6oUAAAAAAwnoHkFB4GqHm19H5OCleA9pY0F HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 03:09:31 GMT
date: Fri, 09 Dec 2022 03:09:31 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doctordong.vn/packs/js/components/main/applications/slider_components/review-bda88800999a4d7d0300.js
104.16.119.40200 OK 45 kB URL HTTP/2 doctordong.vn/packs/js/components/main/applications/slider_components/review-bda88800999a4d7d0300.js
IP 104.16.119.40:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 75e8e32a4ca3c5d733625492a6d6d39d
c31acb61b44a957a651d1ee1d0730079b52bae40
32a8a5c306e04b69a3299209f436be2012f6fa39402e9ae24683f5e0f100a4bd
Analyzer Verdict Alert fortinet Phishing
GET /packs/js/components/main/applications/slider_components/review-bda88800999a4d7d0300.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
cache-control: public, max-age=315360000
cf-bgj: minify
cf-polished: origSize=137357
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Wed, 30 Nov 2022 11:20:30 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0f97ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/packs/media/webfonts/fa-regular-400-f0f82301.woff2
104.16.119.40200 OK 13 kB URL HTTP/2 doctordong.vn/packs/media/webfonts/fa-regular-400-f0f82301.woff2
IP 104.16.119.40:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Phishing
GET /packs/media/webfonts/fa-regular-400-f0f82301.woff2 HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doctordong.vn/packs/css/application-16208a23.css
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: font/woff2
content-length: 13276
expires: Mon, 06 Dec 2032 03:09:31 GMT
cache-control: public, max-age=315360000
last-modified: Wed, 07 Dec 2022 03:05:13 GMT
cf-cache-status: HIT
age: 173058
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae279f0b518-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WWVX9V
142.250.74.168200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WWVX9V
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (18141)
Hash 2702f1ec17c4efa89082e4fec71bf725
529bb22d594cabf5084a9f1318b16f9329855082
d1ed7e3aafb9b0ab52a80a92d0fd5342d70409632f779488f169b75a44aceaa1
GET /gtm.js?id=GTM-WWVX9V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 03:09:31 GMT
expires: Fri, 09 Dec 2022 03:09:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doctordong.vn/packs/media/images/version_merge/hero_orange-c53a2eb27a0ec80b3fc65433feef417f.jpg
104.16.119.40200 OK 332 kB URL HTTP/2 doctordong.vn/packs/media/images/version_merge/hero_orange-c53a2eb27a0ec80b3fc65433feef417f.jpg
IP 104.16.119.40:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 56x56, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=3, software=GIMP 2.10.8, datetime=2020:02:03 16:24:55], progressive, precision 8, 1452x1718, components 3\012- data
Size 332 kB (332058 bytes)
Hash c53a2eb27a0ec80b3fc65433feef417f
01bafd2d2a38afa0fa80e06ebe30a86b8b89bc62
70adf2a87c4b93138c9512b1eba9dae390e02d9b48d51446570c3ea12832325b
GET /packs/media/images/version_merge/hero_orange-c53a2eb27a0ec80b3fc65433feef417f.jpg HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/jpeg
content-length: 332058
cache-control: public, max-age=315360000
cf-bgj: h2pri
expires: Mon, 06 Dec 2032 03:09:32 GMT
last-modified: Fri, 02 Dec 2022 11:23:57 GMT
cf-cache-status: HIT
age: 173060
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae2ea17b518-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
142.250.74.35200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:56:33 GMT
expires: Fri, 08 Dec 2023 21:56:33 GMT
cache-control: public, max-age=31536000
age: 18779
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
104.16.119.40200 OK 39 kB URL HTTP/2 doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
IP 104.16.119.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31892)
Hash da660b9faf61b941380389559ec2bfe4
162325baffa8488d803a0bc77691b45e87591df2
53fc025df9cfb664ded444d464a489b6af8fc0ed781d765d1e6116d34b791191
GET /?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=0, private, must-revalidate
x-request-id: 60093325-73dd-4260-b91d-497b53962757
x-runtime: 0.144438
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
set-cookie: url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; path=/; HttpOnly
utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:31 -0000
_doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; path=/; HttpOnly; SameSite=Lax
__cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; path=/; domain=.doctordong.vn; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776a8ada5effb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8ecf113c153f96dde52625df36f9dfd0
5f36322aa2ae859aa0085de00c2664f7a54ed393
3491141b8b24187ca205661596614dd48a753c2d2f9ee6115f39cb222ad2d438
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 03:09:31 GMT
Last-Modified: Fri, 09 Dec 2022 02:23:51 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Gm7DZ1tM8ciGBqWIVdimmZf_R77URbvP44KMe2mfk8fHgOn5tVNreg==
Age: 2740
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3334fdf917e935ba9d8b2eeba8e5cffe
117351b066025011e14ee1a9435982f666c3b869
06920b7da42ae1a0f2b35b0fb0b5b9c1653f37cf05768cbf4c1e02239619393b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 225
Cache-Control: max-age=99412
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:32 GMT
Etag: "6391875f-117"
Expires: Sat, 10 Dec 2022 06:46:24 GMT
Last-Modified: Thu, 08 Dec 2022 06:42:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
doctordong.vn/packs/media/images/version_merge/appstore_btn-7eecfa9918235f98871900471171e858.svg
104.16.119.40200 OK 64 kB URL HTTP/2 doctordong.vn/packs/media/images/version_merge/appstore_btn-7eecfa9918235f98871900471171e858.svg
IP 104.16.119.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8564)
Hash ee613a64638cc8877af479eb03cd0e78
050c0bdb76395fd6a85c891812a1121937a0c8f1
44081a3619c744681a4f604c1c4df254b43572bbb625840787663a03aca4ac96
Analyzer Verdict Alert fortinet Phishing
GET /packs/media/images/version_merge/appstore_btn-7eecfa9918235f98871900471171e858.svg HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/svg+xml
expires: Mon, 06 Dec 2032 03:09:32 GMT
cache-control: public, max-age=315360000
last-modified: Fri, 02 Dec 2022 11:23:57 GMT
cf-cache-status: HIT
age: 173060
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae2da13b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2
142.250.74.35200 OK 6.8 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 6764, version 1.0\012- data
Hash 1743b1f6cc8e6018241c76c5c9cfe5fa
38b2463aef1648ef903aa6567eb39b3d1fa289d0
4300f8b2fe7c4584f81acd4797abeab846f74378ef6d7d6420f6e6fe95b2dd9f
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 16:32:33 GMT
expires: Wed, 06 Dec 2023 16:32:33 GMT
cache-control: public, max-age=31536000
age: 211019
last-modified: Mon, 18 Jul 2022 19:21:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doctordong.vn/packs/media/images/version_merge/google_play_btn-c9540076a7945184768d507cfd67d127.svg
104.16.119.40200 OK 7.5 kB URL HTTP/2 doctordong.vn/packs/media/images/version_merge/google_play_btn-c9540076a7945184768d507cfd67d127.svg
IP 104.16.119.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (9846)
Hash b887d02569ce3edf99770f59e5a6cf7a
cf51695a8eb04c3e355747f410a1aa6c14527eda
236fa11c23d70547d9363681f4b4a4a8e3b57a49601c27233bcbde8407c826dc
Analyzer Verdict Alert fortinet Phishing
GET /packs/media/images/version_merge/google_play_btn-c9540076a7945184768d507cfd67d127.svg HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: image/svg+xml
expires: Mon, 06 Dec 2032 03:09:31 GMT
cache-control: public, max-age=315360000
last-modified: Wed, 30 Nov 2022 12:36:12 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae2da12b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
dfi.world/matomo.js
65.21.196.59200 OK 64 kB IP 65.21.196.59:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1601)
Hash e9e9d0884aaa3aa73208190831ad132e
af8e8910de429e3648ceed380aa8bb091029e26b
5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142
GET /matomo.js HTTP/1.1
Host: dfi.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: application/javascript
content-length: 64478
last-modified: Sat, 08 Oct 2022 20:16:34 GMT
etag: "6341daa2-fbde"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
via.placeholder.com/120/FF9F1E/FFFFFF?text=60
188.114.97.1200 OK 442 B URL HTTP/2 via.placeholder.com/120/FF9F1E/FFFFFF?text=60
IP 188.114.97.1:0
File type PNG image data, 120 x 120, 4-bit colormap, non-interlaced\012- data
Hash 8165858d183f9f602e23a86cfeed1288
776bc5cc7a229b31574ed86bed1d06cca41f2891
8a1f692f9f3f0e8106edea0279af65f7071674f33f3bf3b5735ed46e6bc59d6d
GET /120/FF9F1E/FFFFFF?text=60 HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/png
content-length: 442
last-modified: Wed, 30 Dec 2020 01:00:10 GMT
etag: "5febd11a-1ba"
expires: Fri, 16 Dec 2022 03:09:19 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Chg%2BCkDQGfTRElQnamhTPyhF0Lo8y0MUTpNdRdOGOmRdjGX6kYRyF0UOjN2n2ng%2F5%2BYlIz7XKED%2FBwslRYVM4XEXfV4C2Zdf3TvwE3dGC9nOz7hUGkxPBKpIgEoOANpGiSTnCmx4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a8ae37a920b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
via.placeholder.com/120/FF502A/FFFFFF?text=60
188.114.97.1200 OK 442 B URL HTTP/2 via.placeholder.com/120/FF502A/FFFFFF?text=60
IP 188.114.97.1:0
File type PNG image data, 120 x 120, 4-bit colormap, non-interlaced\012- data
Hash bcdad24be3746586658006150e8b7151
e3643219ab85438378631bab79b463584b2a601b
de979b53435c8180c83d2b23a1bcab945f7db638f1235f821b998f5644f372b8
GET /120/FF502A/FFFFFF?text=60 HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/png
content-length: 442
last-modified: Wed, 30 Dec 2020 01:00:02 GMT
etag: "5febd112-1ba"
expires: Fri, 16 Dec 2022 03:09:19 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSTXVZTyvMBFb%2BZKXoRndzK7BGUqtSB%2FH2BlTtIIHUJhXSJQigEw7uApojZeuhec9ZopmN69Dnzzn1PavNkbCuQyfzMDndo6eQZSy6GXUfjI5%2Bm6MC5x0uG%2Fom9gXGWNtg9U2%2B5R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a8ae37a930b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
via.placeholder.com/120/7CC547/FFFFFF?text=60
188.114.97.1200 OK 442 B URL HTTP/2 via.placeholder.com/120/7CC547/FFFFFF?text=60
IP 188.114.97.1:0
File type PNG image data, 120 x 120, 4-bit colormap, non-interlaced\012- data
Hash 4eec82c8ebecd3520ab08ed962756ac4
d9f47a9e92c2ea713e1c24a0821348fff9024204
345a4eb8e6f2ba79160870b7627ef6f0b36625433dcfb72213a33c38c71df9fc
GET /120/7CC547/FFFFFF?text=60 HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/png
content-length: 442
last-modified: Wed, 30 Dec 2020 01:00:06 GMT
etag: "5febd116-1ba"
expires: Fri, 16 Dec 2022 03:09:19 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjNIrbyzZACbHbiR6o2621h4fBRFhp%2FrNt%2BwtwQtyd%2FXtBc45rYNs4wWbNdEgrk%2BUZtHcPeMy0sTYBpByEF3B4c8rJL032QjqpIRSJ8DYhTLHN%2Fhd8jpTtP3Vaq3rdhMJ6bSV5Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776a8ae37a950b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wchat.freshchat.com/js/widget.js
54.204.31.120200 OK 19 kB URL HTTP/1.1 wchat.freshchat.com/js/widget.js
IP 54.204.31.120:0
File type ASCII text, with very long lines (60879), with no line terminators
Hash 4c43db58a00fa48e03016e217c6792e3
dc1dae80fc079e01a674a44f47962ccad48abdbb
c4da6e818eba0c52a4867c40a9378c078052bfa37a45a52bce5ea2002fae7d9c
GET /js/widget.js HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=900, must-revalidate
served-by: 2601
x-server: 2601
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-trace-id: 00-154798502ab451b22b0383f83c7abc0a-adb4dad4455e9838-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: a093b911-aedc-4f6f-ac21-7f2acaa0a3c8
dfi.world/matomo.php?action_name=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&idsite=20&rec=1&r=470301&h=3&m=9&s=31&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&_id=8d33527c549d5109&_idn=1&send_image=0&_rcn=pdlprofit&_rck=32995&_refts=1670555371&cookie=1&res=1280x1024&pv_id=j4FlvH&pf_net=324&pf_srv=967&pf_tfr=330&pf_dm1=458
65.21.196.59204 No Content 0 B URL HTTP/2 dfi.world/matomo.php?action_name=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&idsite=20&rec=1&r=470301&h=3&m=9&s=31&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&_id=8d33527c549d5109&_idn=1&send_image=0&_rcn=pdlprofit&_rck=32995&_refts=1670555371&cookie=1&res=1280x1024&pv_id=j4FlvH&pf_net=324&pf_srv=967&pf_tfr=330&pf_dm1=458
IP 65.21.196.59:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&idsite=20&rec=1&r=470301&h=3&m=9&s=31&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&_id=8d33527c549d5109&_idn=1&send_image=0&_rcn=pdlprofit&_rck=32995&_refts=1670555371&cookie=1&res=1280x1024&pv_id=j4FlvH&pf_net=324&pf_srv=967&pf_tfr=330&pf_dm1=458 HTTP/1.1
Host: dfi.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.14.0 (Ubuntu)
date: Fri, 09 Dec 2022 03:09:32 GMT
access-control-allow-origin: https://doctordong.vn
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6077
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:09:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6077
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:09:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6077
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:09:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6077
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:09:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:34:32 GMT
age: 30900
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:05:28 GMT
age: 32644
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:15:09 GMT
age: 60863
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 77123
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 40765
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:38:24 GMT
age: 84668
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
216.58.211.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 134970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doctordong.vn/packs/js/components/main/home/mgm_popover-169fd7ecc277dc634580.js
104.16.119.40200 OK 37 kB URL HTTP/2 doctordong.vn/packs/js/components/main/home/mgm_popover-169fd7ecc277dc634580.js
IP 104.16.119.40:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 28fe1fd49a7b975345be85cee7fdc38a
e18b42b995649e0113986a75641d698aa0f96be8
162286bf68d91a5d50d4646a9bfbe71b159b4e0a7aff0c91f7b6225b8c015449
Analyzer Verdict Alert fortinet Phishing
GET /packs/js/components/main/home/mgm_popover-169fd7ecc277dc634580.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
cache-control: public, max-age=315360000
cf-bgj: minify
cf-polished: origSize=105372
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Fri, 02 Dec 2022 11:23:57 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae1a9bbb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash b541fb802cc13acd24819478624228c1
000455d9a0c40933eef6916884195cba923100cf
24c2d3a5694ac083249a28e089d39ebfc2a402858b461df7d3fda2dfd1069dcf
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 03:09:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 20:44:46 GMT
Expires: Fri, 09 Dec 2022 20:44:46 GMT
ETag: "000455d9a0c40933eef6916884195cba923100cf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
doctordong.vn/packs/media/images/home/arrow-down-68c2e0cd61d8f61e6fe20dfdd68966d3.png
104.16.119.40200 OK 933 B URL HTTP/2 doctordong.vn/packs/media/images/home/arrow-down-68c2e0cd61d8f61e6fe20dfdd68966d3.png
IP 104.16.119.40:0
File type PNG image data, 43 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 68c2e0cd61d8f61e6fe20dfdd68966d3
b3d142df1e10ed6c95455604bf03b79d1bf2563f
e2c60d331459e510868ea22a7bf5a450668ae6228a85c406e93a353b0f75ae0a
GET /packs/media/images/home/arrow-down-68c2e0cd61d8f61e6fe20dfdd68966d3.png HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371; timeToPressBorrow=0; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/png
content-length: 933
expires: Mon, 06 Dec 2032 03:09:32 GMT
cache-control: public, max-age=315360000
last-modified: Wed, 07 Dec 2022 21:30:52 GMT
cf-cache-status: HIT
age: 75723
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae60b0fb518-OSL
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 0UXnSQsG658fTzrUIOlqMHxNyIgFzVX3MjvT7FxqSso+isOfr7dFTGptSgu48rB3zzJ7Bo3YyT5/1Nk01HeWlA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 03:09:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4842
Cache-Control: max-age=138976
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:32 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:45:48 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
doctordong.vn/packs/js/components/main/applications/slider_components/steps-f96880a64556371511f6.js
104.16.119.40200 OK 46 kB URL HTTP/2 doctordong.vn/packs/js/components/main/applications/slider_components/steps-f96880a64556371511f6.js
IP 104.16.119.40:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 07ebd76019a4d488ec699e132f8aa6d1
ebc1c6c9914d8d0d048077d9a073c9df824971c7
b61b5b2b8bb88e59c8e9fa9f27fdb294cc38f7216e4ca637f1d00062d4bb28e5
Analyzer Verdict Alert fortinet Phishing
GET /packs/js/components/main/applications/slider_components/steps-f96880a64556371511f6.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
cache-control: public, max-age=315360000
cf-bgj: minify
cf-polished: origSize=137278
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Fri, 02 Dec 2022 11:23:57 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0f976b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash b541fb802cc13acd24819478624228c1
000455d9a0c40933eef6916884195cba923100cf
24c2d3a5694ac083249a28e089d39ebfc2a402858b461df7d3fda2dfd1069dcf
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 03:09:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 20:44:46 GMT
Expires: Fri, 09 Dec 2022 20:44:46 GMT
ETag: "000455d9a0c40933eef6916884195cba923100cf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
wchat.freshchat.com/widget/css/widget.css?t=1670555371633
54.204.31.120200 OK 1.7 kB URL HTTP/1.1 wchat.freshchat.com/widget/css/widget.css?t=1670555371633
IP 54.204.31.120:0
File type ASCII text, with very long lines (8857)
Hash b5e89ee0ad0cccc7ddc1f3cfad9939d0
04751cd854046b72e25e2428b9ec5fd8c3fa09e0
5f797f013b7f7d86962b0b99977a5990fb3a0e193befaf7e935ab005d6f25b38
GET /widget/css/widget.css?t=1670555371633 HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
expires: Sat, 09 Dec 2023 03:09:32 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 9886
x-server: 9886
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-77648cae659723d977351453f584d91a-8581cecc9abaa2a4-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 19b09e7a-276f-4a77-8fa5-6c94c124a69d
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-ZEYJ6ZK33W>m=2oebu0&_p=2027949054&cid=942068333.1670555371&ul=en-us&sr=1280x1024&_s=1&sid=1670555371&sct=1&seg=0&dl=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&dt=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&en=page_view&_fv=1&_nsi=1&_ss=2
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZEYJ6ZK33W>m=2oebu0&_p=2027949054&cid=942068333.1670555371&ul=en-us&sr=1280x1024&_s=1&sid=1670555371&sct=1&seg=0&dl=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&dt=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&en=page_view&_fv=1&_nsi=1&_ss=2
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZEYJ6ZK33W>m=2oebu0&_p=2027949054&cid=942068333.1670555371&ul=en-us&sr=1280x1024&_s=1&sid=1670555371&sct=1&seg=0&dl=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&dt=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&en=page_view&_fv=1&_nsi=1&_ss=2 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://doctordong.vn
date: Fri, 09 Dec 2022 03:09:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doctordong.vn/packs/media/webfonts/fa-solid-900-e8a427e1.woff2
104.16.119.40200 OK 78 kB URL HTTP/2 doctordong.vn/packs/media/webfonts/fa-solid-900-e8a427e1.woff2
IP 104.16.119.40:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /packs/media/webfonts/fa-solid-900-e8a427e1.woff2 HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doctordong.vn/packs/css/application-16208a23.css
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371; timeToPressBorrow=0; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd; _vwo_uuid_v2=DCA532F33BA19F706255EBC5B34878C61|7aff2fb292ee6e40f8dec777cc37316d; __cf_bm=zj_JJZiBS2vJ7A39VmizXzgbAHYcD7EHzU9PVF9qArY-1670555373-0-ARly/nI6dJNOquqDht4f9wRcphQmDMs6Fy0+irL+nbtTXlzSqHCBl1a+mj/XGfmxibckc5/pUadCjn4CWG8BUOtcWblCqYwzepS8yISI9DIa0tSpYagTahIT73jLwEMeOa45NkUHV0I8abto1/R3a5w=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:33 GMT
content-type: font/woff2
content-length: 78196
expires: Mon, 06 Dec 2032 03:09:33 GMT
cache-control: public, max-age=315360000
last-modified: Tue, 06 Dec 2022 09:52:46 GMT
cf-cache-status: HIT
age: 173059
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8aea6cafb518-OSL
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
IP 54.230.111.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 0
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 03:06:51 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CKBV6nJX25WEmEbkUu-af9I0BPhpzW7QgOFiPehnEWhC0wWBwfYNSw==
age: 166
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=951458729111618&ev=PageView&dl=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&rl=&if=false&ts=1670555372553&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1670555372228&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=951458729111618&ev=PageView&dl=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&rl=&if=false&ts=1670555372553&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1670555372228&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=951458729111618&ev=PageView&dl=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&rl=&if=false&ts=1670555372553&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1670555372228&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 03:09:33 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 19290
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 37730
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/config?domain=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
54.204.31.120200 OK 1.6 kB URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/config?domain=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
IP 54.204.31.120:0
File type JSON data\012- , ASCII text, with very long lines (1590), with no line terminators
Hash 79328a043f4208686930a64bbefaac7f
1f8f7717a85e7dd74c45e0057431c0e62ce7d9e8
892343aaf2b1a88eda0f52fcfbc12ea0dd01b99355829394b804f569ff5591bc
GET /app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/config?domain=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=dbd4d785-0a71-4d0c-8b91-6498663adf07&referrer=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:33 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 1590
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: ad0d7952-1321-44b1-82e5-72d48db110d8
x-server: 9886
x-envoy-upstream-service-time: 15
x-trace-id: 00-4380b198ad8161659cdbb4c24107c2e5-ecd0830596e7f514-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2999
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
rts-static-prod.freshworksapi.com/us/rts-min.js
54.230.111.75200 OK 25 kB URL HTTP/2 rts-static-prod.freshworksapi.com/us/rts-min.js
IP 54.230.111.75:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e73aaeebc3dd764904ab1b64c86add5f
ec9e69bf4cde4df0042426bb2b0eb7273429d05e
6dd76b58440ccc1a92651321ce89ed867557125d750b2d96d5efc7c8d8d17034
GET /us/rts-min.js HTTP/1.1
Host: rts-static-prod.freshworksapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 17 Nov 2022 06:29:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: BHs75.bKXbPkSsEMomQcy9Qw2gVgmqdU
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Dec 2022 03:09:34 GMT
cache-control: no-cache
etag: W/"c4bb02a4c6be31fc499881d3abbbc6be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ETsFRfVvOZ1YHyYAOvScss3VfG4jcbWvS8xL8623j0dmJAvAyIShbw==
X-Firefox-Spdy: h2
doctordong.vn/cdn-cgi/rum?
104.16.119.40204 No Content 0 B URL HTTP/2 doctordong.vn/cdn-cgi/rum?
IP 104.16.119.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/rum? HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 15830
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371; timeToPressBorrow=1; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd; _vwo_uuid_v2=DCA532F33BA19F706255EBC5B34878C61|7aff2fb292ee6e40f8dec777cc37316d; __cf_bm=zj_JJZiBS2vJ7A39VmizXzgbAHYcD7EHzU9PVF9qArY-1670555373-0-ARly/nI6dJNOquqDht4f9wRcphQmDMs6Fy0+irL+nbtTXlzSqHCBl1a+mj/XGfmxibckc5/pUadCjn4CWG8BUOtcWblCqYwzepS8yISI9DIa0tSpYagTahIT73jLwEMeOa45NkUHV0I8abto1/R3a5w=; _gcl_au=1.1.244075955.1670555373
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 03:09:33 GMT
access-control-allow-origin: https://doctordong.vn
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 776a8aeeee3fb518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 277 B IP 93.184.220.29:0
Hash c346096f7ab0b3fc45c7261b5875c02f
f4be850667d0b9179693e56c6cfcdd42a3b1ad81
f6d23cf7af5dddd0a1106127edbacf663cbedb58f539876bd92a40bdb76b2f5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:33 GMT
Etag: "63918fe0-115"
Last-Modified: Fri, 09 Dec 2022 02:45:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 277
assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
54.230.111.126206 Partial Content 4.3 kB URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
IP 54.230.111.126:0
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash a529450a7cfb4a60dea41ef294fa90dd
50eb9373dfa8c38ec6aebfa6e2a5f4494871aa37
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
GET /static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3 HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 4302
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 03:09:34 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-range: bytes 0-4301/4302
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x-aqCIiAlHZpDrCbiMyOFyLLqI0nEZOjkgeOBPNxEqur7krtTRF81g==
age: 5
X-Firefox-Spdy: h2
wchat.freshchat.com/widget/js/co-browsing.js
54.204.31.120200 OK 8.0 kB URL HTTP/1.1 wchat.freshchat.com/widget/js/co-browsing.js
IP 54.204.31.120:0
File type ASCII text, with very long lines (27109), with no line terminators
Hash 451e59041c9a97c80376792d2b0a3b17
1dde1364568db32996c36b6e479e21233f2d4901
4a22e8436c72556b1b44b1c5e691127b31f7852261afac57dde7a76f8b9d1ab9
GET /widget/js/co-browsing.js HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
expires: Sat, 09 Dec 2023 03:09:34 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 9886
x-server: 9886
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-e7806b2b662bcf5faf94ed420bad9658-c6fb1d685b14535f-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: ec25e0cf-206d-4d0c-be9e-020fc90bdae7
ssl.mousestats.com/js/5/4/5436798338759835015.js?2784258
188.114.97.1200 OK 6.1 kB URL HTTP/2 ssl.mousestats.com/js/5/4/5436798338759835015.js?2784258
IP 188.114.97.1:0
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash f42ef28120694d7bcb3eed762be97ea4
2568fd7b4535d7ed8947585bcd8b2b3ca586e13d
486d5c4dfe6f54beda8d39daac45398f4bb22583da01432abaca900e08649382
GET /js/5/4/5436798338759835015.js?2784258 HTTP/1.1
Host: ssl.mousestats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:34 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1800
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
powered-by: MouseStats
cf-cache-status: MISS
last-modified: Fri, 09 Dec 2022 03:09:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9v%2BzWG571bN3UqeB6fe4vVENGT0mYazO4CTjhCrKwmWye55kiMeQoqIxPOVVSBFdlV6MAfxqRzOYdXlFgFgca0UTwF0xTpvAGDEC4PZZRxtCxRHcIfF4Pa8f3uA%2FrOmckoEUCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776a8aef3c7cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wchat.freshchat.com/widget/css/cb.css?t=1670555373304
54.204.31.120200 OK 639 B URL HTTP/1.1 wchat.freshchat.com/widget/css/cb.css?t=1670555373304
IP 54.204.31.120:0
File type ASCII text, with very long lines (1524)
Hash a9f329d058fdd0d77215e146238839e5
805ec101d0f1e8499e7d6228c4ae260e9321459f
0e6588f44780ace88861cf0e21c7d684c1adf891f23348a44bc466bc73409e6a
GET /widget/css/cb.css?t=1670555373304 HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Thu, 01 Dec 2022 12:27:52 GMT
expires: Sat, 09 Dec 2023 03:09:34 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 6714
x-server: 6714
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-67b5840be106ec810fc56f3ab6227118-b5ef6c0c85a5eba6-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: a9c4689c-eef2-4ecf-a120-b71b462c9ba9
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 02:46:55 GMT
expires: Fri, 09 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 1359
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-2428610.js?sv=6
143.204.55.98200 OK 3.1 kB URL HTTP/2 static.hotjar.com/c/hotjar-2428610.js?sv=6
IP 143.204.55.98:0
File type ASCII text, with very long lines (6375)
Hash 0ba05e7be86ae6ceb65e58483addc9df
60af7ec6f20f45bb0eb5d4f3d19bad7857f9dff9
5d0fc14e76d785a39e4b25464075e5383b41e730edcdeadff90d3371b5fb13b6
GET /c/hotjar-2428610.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 09 Dec 2022 03:09:34 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ffe96bba296fb718bd97c2809e3f2af6
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -2MT_kaEkTy0_OUihi1YQJT-_uB6lQ-AgtWXUUu5_s2zmvWMcWs0sg==
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/11017086352/?random=1670555373073&cv=11&fst=1670555373073&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&tiba=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&auid=244075955.1670555373&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/11017086352/?random=1670555373073&cv=11&fst=1670555373073&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&tiba=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&auid=244075955.1670555373&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2249), with no line terminators
Hash 6c8c2964bd10205c438ce7eaee555727
d289f27358e9940c44feaa5fe205dfca0c475c78
bbdfe7573e58d6e6231b020885c8b694b16b9055119b37d7fbefb7e14d09570a
GET /pagead/viewthroughconversion/11017086352/?random=1670555373073&cv=11&fst=1670555373073&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&tiba=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&auid=244075955.1670555373&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 03:09:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1010
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 03:24:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
54.230.111.126200 OK 184 kB URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
IP 54.230.111.126:0
File type Unicode text, UTF-8 text, with very long lines (38260), with NEL line terminators
Size 184 kB (184210 bytes)
Hash e9b1d5a3c6f64c6f78ce36f6e7410a49
90b14e5ddf6ac627d5a08a685114b6f5a3dcd947
9171028eb77ee2fd9bddaa282dc36afbf2799697572414fe4523c64663feb4db
GET /static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:07:03 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B1_RN79kQbv7ZqUi-QMKN3px4n0yghI3tImGP3doqcw4QcxtSJ6E0g==
age: 152
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.dae9916ea314ef4d0ff8.css
54.230.111.126200 OK 94 kB URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.dae9916ea314ef4d0ff8.css
IP 54.230.111.126:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 82f099b0209f46d0b3fb7f1a226ff0d3
88ce45ddb9849f6f44cf6eac9a5ecc8585e16f3a
62b632c132ca55fa4680831b486be98b501e9ef87e70b5cd446a5ce70a1067fd
GET /static/assets/chunk.dae9916ea314ef4d0ff8.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 01 Dec 2022 12:27:57 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:06:45 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vL1HF-0s3T55FGGcKMNBmzvTsmEKCDSvNzOyMOxBdme1KZo4IX5uow==
age: 173
X-Firefox-Spdy: h2
wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/user
54.204.31.120200 OK 63 B URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/user
IP 54.204.31.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 986b346dcc5bc15f4f28a5878eb3bd54
0576953cc35e7ddfad56bf9e0ca4c35411c62aea
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
GET /app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/user HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=dbd4d785-0a71-4d0c-8b91-6498663adf07&referrer=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:34 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 63
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 94c03eed-801d-4fc5-b995-5b86a5585db4
x-server: 2601
x-envoy-upstream-service-time: 4
x-trace-id: 00-a3a1068f75f6c4e9eb0c50074c3dbb99-570b00f00b3b1a28-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2998
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hl9-Ar-RNTHBCP5GA6IOHxZ5wf3rarNVR2AwTP2G3ZLAD-frhuzP5g==
age: 1346368
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-63865714-1&cid=942068333.1670555371&jid=121750827&gjid=633340697&_gid=158753634.1670555373&_u=YCDAgAABAAAAAE~&z=806977550
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-63865714-1&cid=942068333.1670555371&jid=121750827&gjid=633340697&_gid=158753634.1670555373&_u=YCDAgAABAAAAAE~&z=806977550
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-63865714-1&cid=942068333.1670555371&jid=121750827&gjid=633340697&_gid=158753634.1670555373&_u=YCDAgAABAAAAAE~&z=806977550 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://doctordong.vn
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 03:09:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/11017086352/?random=1670555373073&cv=11&fst=1670554800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&tiba=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&fmt=3&is_vtc=1&random=2420364992&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/11017086352/?random=1670555373073&cv=11&fst=1670554800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&tiba=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&fmt=3&is_vtc=1&random=2420364992&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/11017086352/?random=1670555373073&cv=11&fst=1670554800000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&tiba=T%C6%B0%20v%E1%BA%A5n%20vay%20t%C3%A0i%20ch%C3%ADnh%20-%20h%E1%BB%97%20tr%E1%BB%A3%20ti%E1%BB%81n%20m%E1%BA%B7t%20nhanh%20trong%20ng%C3%A0y&fmt=3&is_vtc=1&random=2420364992&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 03:09:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-63865714-1&cid=942068333.1670555371&jid=121750827&_u=YCDAgAABAAAAAE~&z=632147
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-63865714-1&cid=942068333.1670555371&jid=121750827&_u=YCDAgAABAAAAAE~&z=632147
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-63865714-1&cid=942068333.1670555371&jid=121750827&_u=YCDAgAABAAAAAE~&z=632147 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 03:09:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:09:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/widget_info_v2?locales=en-US,en-US&platform=web
54.204.31.120200 OK 3.4 kB URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/widget_info_v2?locales=en-US,en-US&platform=web
IP 54.204.31.120:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (12268), with no line terminators
Hash e3c1bd5f17628bb51a9ef3445c6179be
beeac16352cd1faa530ace8c631201dc7b373467
1cd98589390ee4ec1b9908678b7b37e0bca2cc4f08f83e29f454a82ebe8c0f3f
GET /app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/widget_info_v2?locales=en-US,en-US&platform=web HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=dbd4d785-0a71-4d0c-8b91-6498663adf07&referrer=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:34 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 41d0508b-ad72-4de9-b1e9-c8770474ed62
content-encoding: gzip
vary: accept-encoding
x-server: 9886
x-status: EXPIRED
x-envoy-upstream-service-time: 23
x-trace-id: 00-c299fab6065b10737a5947b7bc1b1fc5-89546e0285ecbd0b-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2997
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
54.230.111.126200 OK 663 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
IP 54.230.111.126:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (663), with no line terminators
Hash cd452acf4efb05843ef7575e5a9de756
be8d842348dc19a58dcf46588cdfa8010616da05
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
GET /static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 663
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 03:06:34 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: "cd452acf4efb05843ef7575e5a9de756"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BYeHPtoBAOG2fNnTMTp4MQmMtH2owcbTGOzGjq9DvBu4C2DoSRzejA==
age: 198
X-Firefox-Spdy: h2
wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/user/c9f9c3a1-3673-4a88-bb78-215c3cb72fd5/activity
54.204.31.120200 OK 17 B URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/user/c9f9c3a1-3673-4a88-bb78-215c3cb72fd5/activity
IP 54.204.31.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
PUT /app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/user/c9f9c3a1-3673-4a88-bb78-215c3cb72fd5/activity HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wchat.freshchat.com
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=dbd4d785-0a71-4d0c-8b91-6498663adf07&referrer=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:34 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 17
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 266d83c5-603f-4b4c-8799-1edb877181ea
x-server: 2601
x-envoy-upstream-service-time: 4
x-trace-id: 00-bc48c09185175b22d9c8ff2ea626c5d3-205c7e6ca8894f73-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2996
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
assetscdn-wchat.freshchat.com/static/assets/freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png
54.230.111.126200 OK 5.0 kB URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png
IP 54.230.111.126:0
File type PNG image data, 293 x 293, 8-bit/color RGBA, non-interlaced\012- data
Hash 220df3cb357233c7db4db0b168d191ba
76931b059d8503b77a5aa55836199b9cb3bf9cb9
65844f2f98cb4ef7ee8eea8b791a403cd4c01ff6b638adfba3613738af7efeb6
GET /static/assets/freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5034
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Dec 2022 03:06:58 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: "220df3cb357233c7db4db0b168d191ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nMiEfV704QwLRNnd_5HoPLuuruRCSjfy6mbbupfLab_NvRexFhCZMw==
age: 178
X-Firefox-Spdy: h2
wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=
54.204.31.120200 OK 4.9 kB URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=
IP 54.204.31.120:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (28988), with no line terminators
Hash 8650e21a646fa5b128a7fd9002d1a836
958bda3790a105bd9aa6103f43bdc9af953c32a2
f4cb01d33461564088fff31e3f16ff246ae952ce907632d33089bcef3bbe0fc8
GET /app/services/app/webchat/dbd4d785-0a71-4d0c-8b91-6498663adf07/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId= HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=dbd4d785-0a71-4d0c-8b91-6498663adf07&referrer=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:09:34 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: a6d945c7-3a21-4296-91f1-0afd5f8fe23a
content-encoding: gzip
vary: accept-encoding
x-server: 6714
x-envoy-upstream-service-time: 8
x-trace-id: 00-845d47abb88393db234c05265baed0e9-0cdccec91a62b6a9-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2995
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f412629172fd427a829ea51896c1f7dd
abc84048ef8a684874d76acec7c641b8cd3622bf
884d1d2741892947369c639ac5f1c7357484c972beb0bdd7b35d89bd4f26d234
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125870
Date: Fri, 09 Dec 2022 03:09:34 GMT
Etag: "6391eb4f-1d7"
Expires: Sat, 10 Dec 2022 14:07:24 GMT
Last-Modified: Thu, 08 Dec 2022 13:49:03 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cFiS4-P7SIBUFfEpTb3PTB_L-Y5IedJI7ptdTlkkIUpQCVxyAgeUGA==
Age: 1101
httpsdoctordongvn.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
143.204.55.12200 OK 10 kB URL HTTP/2 httpsdoctordongvn.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu
IP 143.204.55.12:0
Hash 2089d9f51d7eebc7cbf0ac77b79552a8
e61897500b0bb8881f0b1c1d6a3c649048a0a83b
f14fee482062003f8c431db8e114d321ba85f99676b8659e563cc4d14d6b4798
GET /index.html?ref=aHR0cHM6Ly9kb2N0b3Jkb25nLnZu HTTP/1.1
Host: httpsdoctordongvn.webpush.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Dec 2022 03:09:35 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kQtdzJdDEz9KbfxljgpGZ6HxY1bQXLE6ZIFOSABQM7xtdyKu_cSoAw==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9339e946ac214e7f0fae26fbb0f86402
c3c21c6f12a64d96ef5e39acb895db4210d46af8
bc70f65bc29e724b208408b2856b482a1865b2756093da1fd33e83526133d00e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120843
Date: Fri, 09 Dec 2022 03:09:35 GMT
Etag: "6391d7ae-1d7"
Expires: Sat, 10 Dec 2022 12:43:38 GMT
Last-Modified: Thu, 08 Dec 2022 12:25:18 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q723aWlDFG9Fx-EZH_cMCr_POD0TJ2kPfZqzKxGaDDJQsuonq4RMZw==
Age: 1100
fc-use1-00-pics-bkt-00.s3.amazonaws.com/75478db4eb2b747f69d7c6011b67591d72ee80e5f35f40bb5237ad755739ae1d/f_marketingpicFull/u_dd2e0f00bff404fcd4847946b7d77b7fc4bbc69752d107f88ccf522f3e1580bb/img_1561092971903.png
52.217.207.65200 OK 27 kB URL HTTP/1.1 fc-use1-00-pics-bkt-00.s3.amazonaws.com/75478db4eb2b747f69d7c6011b67591d72ee80e5f35f40bb5237ad755739ae1d/f_marketingpicFull/u_dd2e0f00bff404fcd4847946b7d77b7fc4bbc69752d107f88ccf522f3e1580bb/img_1561092971903.png
IP 52.217.207.65:0
File type PNG image data, 296 x 296, 8-bit/color RGBA, non-interlaced\012- data
Hash fa6344e49df126f80be7ecb2ddeaeda4
cd1935a170ce49ca43750d5e70a326820b9f4761
997907d705690beda28215ab0f18ef67dacc84d87e90f142d9c49135e23cbccf
GET /75478db4eb2b747f69d7c6011b67591d72ee80e5f35f40bb5237ad755739ae1d/f_marketingpicFull/u_dd2e0f00bff404fcd4847946b7d77b7fc4bbc69752d107f88ccf522f3e1580bb/img_1561092971903.png HTTP/1.1
Host: fc-use1-00-pics-bkt-00.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: BSstgVaNbxH9hOzaGsdJB2LPijivQ97TixRbn5Ej6QrgCOOwly8uDc+wQtZyGDm9GZ2QS3IwCB4=
x-amz-request-id: PJJDCP7MQRPTQA7T
Date: Fri, 09 Dec 2022 03:09:36 GMT
Last-Modified: Fri, 21 Jun 2019 04:56:12 GMT
ETag: "fa6344e49df126f80be7ecb2ddeaeda4"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 26952
s3.amazonaws.com/hotline-static/starter_kit/1/ckeditor_img/img_1456128838120.png
52.217.96.142200 OK 2.6 kB URL HTTP/1.1 s3.amazonaws.com/hotline-static/starter_kit/1/ckeditor_img/img_1456128838120.png
IP 52.217.96.142:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 50ef44a1341b31c7b6e46605da336067
f860b23c6409f83a82835fc148dd4bbd6a7c1576
fb809b8b1cd54500fcd52a3e4b380be753a1130e172a5cf1261c4da46591bd16
GET /hotline-static/starter_kit/1/ckeditor_img/img_1456128838120.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: KL3aSvFnQpNqYgwVv176JsMp5K/5FhGyAQhEoRGZTljhJ1t9KeNv5RhTnVbI9vMr8CudgF4PnGA=
x-amz-request-id: PJJ0B9616HMGD0JF
Date: Fri, 09 Dec 2022 03:09:36 GMT
Last-Modified: Thu, 18 Jun 2020 14:01:12 GMT
ETag: "50ef44a1341b31c7b6e46605da336067"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2628
doctordong.vn/cdn-cgi/rum?
104.16.119.40204 No Content 0 B URL HTTP/2 doctordong.vn/cdn-cgi/rum?
IP 104.16.119.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/rum? HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 549
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=WVRwcFY3S3M0TlphN3ZNOWdKenI2dz09LS1yVHZGakhrT1h2ZEhrTzFRU00yU2h3PT0%3D--52e29355e488f3b696425761d7ada295d6a757e2; _doctordong_session=VFdkZlZqYUxkLy82NkJ2RDljRHk0VEhaaVA4am51b3BNTXNRVlV4dGRBU29SbU9RekFleDYzU0c3TzFhNWR2WjAzcWMwbGFuZFZnY1JHemlEMnZobEhSQ3kxZkVPTUdtYzh3blpGTzNTRFgySGJSWklHZEFRMU0vdkxqb2xlYnJGUXFpSDdMdWZ2bXE1aXZvZGYwWWNUbFQ2eWZFVzFsSXdHWXhqdWFQbXVDWHRFOGtXamdPSjN1Z0t4MktleCttUXJvdE02YWVKNXdPc2FXL3RraFEyOC9CSmJhOXRYMnVwNlN0VHhseGRMS3VZVjV5NERRSklXVE8vZmVlb29kblBQVUVudUE4cUZvNTUyem1lQ1cyMjRLckVZc3FieEtnQWd5WnhDbUZLV2JjbE9neFlLOVJpdDg2OUtUWmxyaE4tLUtaSGNoQUo0QzJPbzkxREw5a1VsT2c9PQ%3D%3D--7721101f6ba974ecb9505e790afe5c9ef3df24d4; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555378.0.0.0; _ga=GA1.2.942068333.1670555371; timeToPressBorrow=6; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd; _vwo_uuid_v2=DCA532F33BA19F706255EBC5B34878C61|7aff2fb292ee6e40f8dec777cc37316d; __cf_bm=zj_JJZiBS2vJ7A39VmizXzgbAHYcD7EHzU9PVF9qArY-1670555373-0-ARly/nI6dJNOquqDht4f9wRcphQmDMs6Fy0+irL+nbtTXlzSqHCBl1a+mj/XGfmxibckc5/pUadCjn4CWG8BUOtcWblCqYwzepS8yISI9DIa0tSpYagTahIT73jLwEMeOa45NkUHV0I8abto1/R3a5w=; _gcl_au=1.1.244075955.1670555373; mousestats_vi=94f83b18ae8b01691261; mousestats_si=1f4463f9e8b7a80f58f9; _gid=GA1.2.158753634.1670555373; _dc_gtm_UA-63865714-1=1; _gat_%5Bobject%20Object%5D=1; _hjSessionUser_2428610=eyJpZCI6IjI1NmJmNzNiLWVkOTYtNTVlYS04NGUzLTExNjIxZTk3YzM3NyIsImNyZWF0ZWQiOjE2NzA1NTUzNzM2MjksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2428610=eyJpZCI6IjZhNmMwZTE5LTE3ZmYtNDg3Ny05MjZiLWM0MjZmODUzY2U1ZSIsImNyZWF0ZWQiOjE2NzA1NTUzNzM2MzYsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 03:09:39 GMT
access-control-allow-origin: https://doctordong.vn
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 776a8b105a1cb518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
IP 54.230.111.126:0
GET /static/assets/chunk.f0e50d864072128887fc.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Dec 2022 03:07:10 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"1ae4407b7afcc2dc550f4d597659d448"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pX_mN8rhZ323e2gx-DUmtDRBMOukdl8OOv-atzgeNJ7Tpxj3KJPtCg==
age: 284
X-Firefox-Spdy: h2
doctordong.vn/404?redirect_from=https%3A%2F%2Fdoctordong.vn%2Fimages%2Ffavicons%2Ffavicon.ico
104.16.119.40404 Not Found 0 B URL HTTP/2 doctordong.vn/404?redirect_from=https%3A%2F%2Fdoctordong.vn%2Fimages%2Ffavicons%2Ffavicon.ico
IP 104.16.119.40:0
GET /404?redirect_from=https%3A%2F%2Fdoctordong.vn%2Fimages%2Ffavicons%2Ffavicon.ico HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Connection: keep-alive
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371; timeToPressBorrow=0; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd; _vwo_uuid_v2=DCA532F33BA19F706255EBC5B34878C61|7aff2fb292ee6e40f8dec777cc37316d; __cf_bm=zj_JJZiBS2vJ7A39VmizXzgbAHYcD7EHzU9PVF9qArY-1670555373-0-ARly/nI6dJNOquqDht4f9wRcphQmDMs6Fy0+irL+nbtTXlzSqHCBl1a+mj/XGfmxibckc5/pUadCjn4CWG8BUOtcWblCqYwzepS8yISI9DIa0tSpYagTahIT73jLwEMeOa45NkUHV0I8abto1/R3a5w=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Dec 2022 03:09:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache
set-cookie: product_code_sec=WVRwcFY3S3M0TlphN3ZNOWdKenI2dz09LS1yVHZGakhrT1h2ZEhrTzFRU00yU2h3PT0%3D--52e29355e488f3b696425761d7ada295d6a757e2; path=/; HttpOnly; SameSite=Lax; expires=Sun, 08 Jan 2023 03:09:34 -0000
_doctordong_session=VFdkZlZqYUxkLy82NkJ2RDljRHk0VEhaaVA4am51b3BNTXNRVlV4dGRBU29SbU9RekFleDYzU0c3TzFhNWR2WjAzcWMwbGFuZFZnY1JHemlEMnZobEhSQ3kxZkVPTUdtYzh3blpGTzNTRFgySGJSWklHZEFRMU0vdkxqb2xlYnJGUXFpSDdMdWZ2bXE1aXZvZGYwWWNUbFQ2eWZFVzFsSXdHWXhqdWFQbXVDWHRFOGtXamdPSjN1Z0t4MktleCttUXJvdE02YWVKNXdPc2FXL3RraFEyOC9CSmJhOXRYMnVwNlN0VHhseGRMS3VZVjV5NERRSklXVE8vZmVlb29kblBQVUVudUE4cUZvNTUyem1lQ1cyMjRLckVZc3FieEtnQWd5WnhDbUZLV2JjbE9neFlLOVJpdDg2OUtUWmxyaE4tLUtaSGNoQUo0QzJPbzkxREw5a1VsT2c9PQ%3D%3D--7721101f6ba974ecb9505e790afe5c9ef3df24d4; path=/; HttpOnly; SameSite=Lax
x-request-id: 147a3480-11fe-4d94-8a37-8de81fa4bbea
x-runtime: 0.057122
cf-cache-status: DYNAMIC
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 776a8aec1d47b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.16.119.40:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 17:55:37 GMT
etag: W/"638a3c19-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae2ca11b518-OSL
x-frame-options: DENY
expires: Sun, 11 Dec 2022 03:09:31 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
doctordong.vn/packs/js/application-1705ccd82a233e80b913.js
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/packs/js/application-1705ccd82a233e80b913.js
IP 104.16.119.40:0
Analyzer Verdict Alert fortinet Phishing
GET /packs/js/application-1705ccd82a233e80b913.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
cache-control: public, max-age=315360000
cf-bgj: minify
cf-polished: origSize=679370
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Wed, 30 Nov 2022 11:20:29 GMT
cf-cache-status: HIT
age: 75723
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0e974b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/cdn-cgi/challenge-platform/h/b/cv/result/776a8ada5effb518
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/cdn-cgi/challenge-platform/h/b/cv/result/776a8ada5effb518
IP 104.16.119.40:0
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/cv/result/776a8ada5effb518 HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12614
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371; timeToPressBorrow=0; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:33 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=zj_JJZiBS2vJ7A39VmizXzgbAHYcD7EHzU9PVF9qArY-1670555373-0-ARly/nI6dJNOquqDht4f9wRcphQmDMs6Fy0+irL+nbtTXlzSqHCBl1a+mj/XGfmxibckc5/pUadCjn4CWG8BUOtcWblCqYwzepS8yISI9DIa0tSpYagTahIT73jLwEMeOa45NkUHV0I8abto1/R3a5w=; path=/; expires=Fri, 09-Dec-22 03:39:33 GMT; domain=.doctordong.vn; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae91c2fb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670544000
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670544000
IP 104.16.119.40:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670544000 HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae54ac4b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/packs/media/images/version_merge/iphone_back-83a9cb6b1e8be31f7bacd1e9e6c2ce99.png
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/packs/media/images/version_merge/iphone_back-83a9cb6b1e8be31f7bacd1e9e6c2ce99.png
IP 104.16.119.40:0
GET /packs/media/images/version_merge/iphone_back-83a9cb6b1e8be31f7bacd1e9e6c2ce99.png HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/packs/css/application-16208a23.css
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371; timeToPressBorrow=0; _fw_crm_v=0f8ebc34-537c-407f-c3d2-33ced5f079fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: image/png
content-length: 254646
expires: Mon, 06 Dec 2032 03:09:32 GMT
cache-control: public, max-age=315360000
last-modified: Wed, 07 Dec 2022 03:05:13 GMT
cf-cache-status: HIT
age: 173059
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae5aaf2b518-OSL
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/fd-messaging.70b5110e6eed58324691.js
IP 54.230.111.126:0
GET /static/assets/fd-messaging.70b5110e6eed58324691.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 12:27:58 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:08:38 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"a575d616c2f2189f6befb324344343ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IidQPbuFYsUf9GfxuAZZqUvpJRdSqEcSq2QEzScUcgRB8fUukgePGg==
age: 69
X-Firefox-Spdy: h2
doctordong.vn/packs/css/application-16208a23.css
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/packs/css/application-16208a23.css
IP 104.16.119.40:0
GET /packs/css/application-16208a23.css HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: text/css
cache-control: public, max-age=315360000
cf-bgj: minify
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Thu, 08 Dec 2022 05:08:29 GMT
cf-cache-status: HIT
age: 75723
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0e973b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/3799.js
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/3799.js
IP 54.230.111.126:0
GET /static/assets/3799.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:09:16 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"8180076189d919f05b9c73b7c659821f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jHfQTvoVBiXGy-hdhftKU2J1XfAsNZIiKqzkLZ1RzNgypFPT4JxEzA==
age: 30
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/fd-messaging.76925d88901c00a60140.css
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/fd-messaging.76925d88901c00a60140.css
IP 54.230.111.126:0
GET /static/fd-messaging.76925d88901c00a60140.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:09:33 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DiVbagzkAnZ7nhzVXMnHPlMy1zgEeksZwZ9wD5POSfC0J_ZZFQ3FXA==
age: 5
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.1dc4795cd56d572db712.js
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.1dc4795cd56d572db712.js
IP 54.230.111.126:0
GET /static/assets/chunk.1dc4795cd56d572db712.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 06:43:59 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:05:27 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"c939aebf2ff94aae618963959833de70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -Yk1kZBtpqHnOnfXjRPmaZP67ilOcsWaHVsXvrT8GouI3RQDp4rlDQ==
age: 283
X-Firefox-Spdy: h2
doctordong.vn/packs/media/images/version_merge/head_logo-7e8878cc31fa08b78d38ced8cdc224b0.svg
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/packs/media/images/version_merge/head_logo-7e8878cc31fa08b78d38ced8cdc224b0.svg
IP 104.16.119.40:0
Analyzer Verdict Alert fortinet Phishing
GET /packs/media/images/version_merge/head_logo-7e8878cc31fa08b78d38ced8cdc224b0.svg HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: image/svg+xml
expires: Mon, 06 Dec 2032 03:09:31 GMT
cache-control: public, max-age=315360000
last-modified: Fri, 02 Dec 2022 11:23:57 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0f97cb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/images/favicons/favicon.ico
104.16.119.40302 Found 0 B URL HTTP/2 doctordong.vn/images/favicons/favicon.ico
IP 104.16.119.40:0
GET /images/favicons/favicon.ico HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420; _pk_ref.20.6db0=%5B%22pdlprofit%22%2C%2232995%22%2C1670555371%2C%22%22%5D; _pk_id.20.6db0=8d33527c549d5109.1670555371.; _pk_ses.20.6db0=1; _ga_ZEYJ6ZK33W=GS1.1.1670555371.1.0.1670555371.0.0.0; _ga=GA1.1.942068333.1670555371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Dec 2022 03:09:33 GMT
content-type: text/html; charset=utf-8
location: https://doctordong.vn/404?redirect_from=https%3A%2F%2Fdoctordong.vn%2Fimages%2Ffavicons%2Ffavicon.ico
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache
x-request-id: c252a512-7dbc-4f5b-a3eb-25d2786ca8b0
x-runtime: 0.033928
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 776a8ae54ac3b518-OSL
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.9938837881ee5355d084.js
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.9938837881ee5355d084.js
IP 54.230.111.126:0
GET /static/assets/chunk.9938837881ee5355d084.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 12:27:57 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:07:29 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"daac960ffa002e906acd414b6f246293"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GZ5evboqkNwUl6tAmxfZFK_Nrmr5hNIw0pGNQud7MBy0qao-JNfINA==
age: 139
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doctordong.vn
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 776a8ae36f5d1c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
doctordong.vn/packs/js/components/main/applications/slider_components/why_us-e64f268934594510c230.js
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/packs/js/components/main/applications/slider_components/why_us-e64f268934594510c230.js
IP 104.16.119.40:0
Analyzer Verdict Alert fortinet Phishing
GET /packs/js/components/main/applications/slider_components/why_us-e64f268934594510c230.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
cache-control: public, max-age=315360000
cf-bgj: minify
cf-polished: origSize=137072
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Wed, 30 Nov 2022 11:20:29 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0f978b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
doctordong.vn/packs/js/components/main/home/index-7a1f7b059b9bcd81283b.js
104.16.119.40200 OK 0 B URL HTTP/2 doctordong.vn/packs/js/components/main/home/index-7a1f7b059b9bcd81283b.js
IP 104.16.119.40:0
Analyzer Verdict Alert fortinet Phishing
GET /packs/js/components/main/home/index-7a1f7b059b9bcd81283b.js HTTP/1.1
Host: doctordong.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/?utm_source=pdlprofit&utm_medium=cpa&utm_term=32995&click_id=ac22cf0f3fa21f455d4bb82c8121124e8f64cd8b
Cookie: __cfruid=29fbdc0f4b53ab6385fd217a1d19d5f976033a51-1670555371; url_log=https%3A%2F%2Fdoctordong.vn%2F%3Fclick_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b%26utm_medium%3Dcpa%26utm_source%3Dpdlprofit%26utm_term%3D32995; utm_medium_true_sec=R0gzZHUxbFhQZkgzSHJyN0JEdmN6UT09LS1UZWxWVW1xNWVyQ1RuanRpb1hFNWFRPT0%3D--4b1e5ad0e9a424736e5f9691d3c5a59e96f3db21; utm_source_true_sec=Y2dNaXhmUnFSOEc2MGs1YVJJUkJWdz09LS15OTA3dlErejJ0c1c1d215VENqMVdRPT0%3D--abb94f8745b0d21e8e9ac9c7e46bdde99a1ef350; utm_term_true_sec=SEtLQVlLR3NuMFBhcWozNmZIQ2E2UT09LS16YWlTQUdYeWJhWjIwMUxTRkJjSkZBPT0%3D--36ae2e3027c0ec8957b7fd05832e74d66d40ca84; cet=Qkg5YVRqM3dyOEZwd0YvczdpQ3FNNzNxSXg0bzNEdjVCR0hVTXJlUTVnZz0tLXk4VGhyeFovTjhYalN3RHZ6ZERKVkE9PQ%3D%3D--60c52289dae5d59da419ae1bd7e075651caa9a07; utm_source_sec=d2MzS3JnaE1SUzd3L1JBQURSWTk1UT09LS1YRmRwbkw1Wnh1RmVYblZRRXpHYVBnPT0%3D--53cab07ce8042e089405fbbd280e819bb5eb6316; utm_medium_sec=WlNrS2kxZE1GajhrRkJpeTlLd2lGZz09LS01RDZ1UXFlb3VkVDBVSHpLSlVNZHpnPT0%3D--f7e3d46fb32f1e15c673d3f2e8320bd664516e28; utm_term_sec=bEtGY2ZaQUFoNm5FcmNjdDhLd1haUT09LS1LVk9sTmxuRTlNUWphVDFSM1lqc3B3PT0%3D--0fadb5225afdfbe1d257edb0aa714f68d4a3e3ea; click_id_sec=dzhTakNETjFsTU94ZTI1SVk2TlNiU2puOFRIaVVZZWFjeTdvbm82d1d0VFY5aDM4NzRFQ0FtQWlzQnpyb04yOS0tUThUaHFoZUlscDRKRlJTREczVld1dz09--97b3f151d36462ca95cc8df9e6a3e298760aa740; product_code_sec=aUV6ems4MUNYaFpha05rWjluLzdEZz09LS1SaHROVkRTWnZjbjNmWmI3NE9UVVNnPT0%3D--63eb9166b4d7abe526ca4cdd5ab5244795366a76; _doctordong_session=UEFwRVpmL3pUQ3BrWTBIVmFnbE9MMTlHOFNhUGF2b1pqRC9POWd1eXA5d2hlZklTK2ZBZjJxYVlKVjV4MGJQalpIRyt6dDRzUCs5YVNxaFN4b2NMZWJaNkRZakIxc0syWWQwQW55Zkk2bHNGZ1JndXhMRXZlWXRNWjJrWkdKQmVCR2w1UXN3RlM3Y3F6azRQcTczbTNIUHBvMnJ6QmtKUlhpUzd4eDFOa0xLMjAzSU1icnBRK1FHWCtpSi8rRUJEcmFBMVFtYTR1ckFCQ2ZZMFhCYzBtd2FxTEN3QWU3Um1aN0dQQTN1UWNYWmwrTHdqZUFuTmYvZmtjc1dKM2hCV0FMQWF1QjFkbENQUjRjbEgxOXdsMEs5SHlrMFp2TnIvendISDdxc0ZsUG9obER5K25PdkV0R0RESG1pT1E1S1hPVHpNenVXaWtqZ2FONjdnelhiTTVWdkZFTS93U3FRQ3dJelVrNlR5TWZzPS0tekZNYkZ6dTBmb3M0YVVDYUZPMW9jQT09--68e4e71d009bfaa0e24339255c89d891c36af420
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:31 GMT
content-type: application/javascript
cache-control: public, max-age=315360000
cf-bgj: minify
cf-polished: origSize=207758
expires: Mon, 06 Dec 2032 03:09:31 GMT
last-modified: Fri, 02 Dec 2022 11:23:57 GMT
cf-cache-status: HIT
age: 173059
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776a8ae0f97bb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
54.230.111.126200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
IP 54.230.111.126:0
GET /static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 03:06:33 GMT
cache-control: max-age=31536000, no-transform, public
expires: Fri, 01 Dec 2023 12:27:52 GMT
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JMWzfd1_PScX00VBpP41uSg4nJTEPdd0o8Wbn_d_gER9RbOvRZvOdg==
age: 182
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Charm
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Charm
IP 142.250.74.106:0
GET /css?family=Charm HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 03:09:31 GMT
date: Fri, 09 Dec 2022 03:09:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dev.visualwebsiteoptimizer.com/j.php?a=227657&u=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&r=0.4103211117977108
34.96.102.137200 OK 0 B URL HTTP/2 dev.visualwebsiteoptimizer.com/j.php?a=227657&u=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&r=0.4103211117977108
IP 34.96.102.137:0
GET /j.php?a=227657&u=https%3A%2F%2Fdoctordong.vn%2F%3Futm_source%3Dpdlprofit%26utm_medium%3Dcpa%26utm_term%3D32995%26click_id%3Dac22cf0f3fa21f455d4bb82c8121124e8f64cd8b&r=0.4103211117977108 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doctordong.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 03:09:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2