r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6203
Expires: Sun, 29 Jan 2023 15:11:36 GMT
Date: Sun, 29 Jan 2023 13:28:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5953
Expires: Sun, 29 Jan 2023 15:07:26 GMT
Date: Sun, 29 Jan 2023 13:28:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 12:35:37 GMT
content-type: application/json
age: 3156
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9401
Expires: Sun, 29 Jan 2023 16:04:54 GMT
Date: Sun, 29 Jan 2023 13:28:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yU4aPS7748qXAzCOxiDI5UoVwBe/E6G0shNrxBuJuvi4K9xsIixmkK0iwFH0ak3HCnW1JMHTrus=
x-amz-request-id: MGQZTZXA7350YGCM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 12:50:19 GMT
age: 2275
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 13:28:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 12:41:41 GMT
age: 2793
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
hdcreditvn.com/
154.221.16.49200 OK 7.4 kB IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1401), with CRLF line terminators
Hash 705fab6e125674ea1a4c2c441fb0e7fc
33f5003c5d7f9f3e0dd413051130017daeee9689
af136c134c0aad791aee8cea12edbd4e6928df10695f2dafc0a6062fb5d18681
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-control: private
X-Powered-By: ThinkPHP
Set-Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582; path=/
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7439
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4479
Expires: Sun, 29 Jan 2023 14:42:53 GMT
Date: Sun, 29 Jan 2023 13:28:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0845f57793f045e56230ec3d56402114
0eab8b7bf2820792fbf99902f43516650850fa49
7aa91b2f7609646683a033acb63b590c6f051335320a517f47ba04c17c10d645
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139820
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:14 GMT
Etag: "63d5f39a-116"
Expires: Tue, 31 Jan 2023 04:18:34 GMT
Last-Modified: Sun, 29 Jan 2023 04:18:34 GMT
Server: nginx
Content-Length: 278
push.services.mozilla.com/
52.39.122.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.122.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jAyNOkxRBqCaPg5QfdEwHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BdYZrXHa5/af2jaEKuxJbDVLFaY=
hdcreditvn.com/Public/home/css2/mui.min.css
154.221.16.49200 OK 12 kB URL HTTP/1.1 hdcreditvn.com/Public/home/css2/mui.min.css
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (65369), with CRLF line terminators
Hash 2eb8d399f35e87caea80b10b1b3121e3
da258b81574d6b3ea9ddd7dacea13f889a686591
1feb2a9086a27ef58e5e3ef09f231cd4fe8849b30dc774d5da4a769777244a95
GET /Public/home/css2/mui.min.css HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sat, 27 Jul 2019 06:39:36 GMT
ETag: "11fda-58ea3ec21ba00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12357
Content-Type: text/css
hdcreditvn.com/Public/home/css2/newpay-bb7fcb5546.css
154.221.16.49200 OK 6.1 kB URL HTTP/1.1 hdcreditvn.com/Public/home/css2/newpay-bb7fcb5546.css
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type Unicode text, UTF-8 text, with very long lines (22296)
Hash d84ef4c1b5c681943f379937872918e9
d89e3e2acdb2af3e08b834b13c1bd01743b1ca9f
480319d82ae7ca97f846d2713fe8cf49fb964420b70f9f41f3a2c7d8ba22837b
GET /Public/home/css2/newpay-bb7fcb5546.css HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 26 Aug 2022 09:10:52 GMT
ETag: "5721-5e7214a6abf00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6113
Content-Type: text/css
hdcreditvn.com/Public/home/css2/feiqi-ee5401a8e6.css
154.221.16.49200 OK 16 kB URL HTTP/1.1 hdcreditvn.com/Public/home/css2/feiqi-ee5401a8e6.css
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (65534)
Hash 57cd8102fed7d63f93c48fa699c6ee1d
055be5dac311877043f2481763f4a5c301838405
b05b23c3e74c15fc80f5e3e53f070a099017bf4059e16611a081a93e08817e0d
GET /Public/home/css2/feiqi-ee5401a8e6.css HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 26 Aug 2022 15:06:40 GMT
ETag: "10b22-5e72642db6000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15926
Content-Type: text/css
hdcreditvn.com/Public/home/css2/newindex-09d04b32f3.css
154.221.16.49200 OK 2.1 kB URL HTTP/1.1 hdcreditvn.com/Public/home/css2/newindex-09d04b32f3.css
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (7767), with no line terminators
Hash 880f4aa72c9b6aec11bfc48f1c70eab4
9e3dc7f893f04d4b2530596f316d5e2d5affdb89
a06483275b343f6a33234aeec07b217fecab4964963f3256768db089f260dcdb
GET /Public/home/css2/newindex-09d04b32f3.css HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sat, 24 Aug 2019 03:05:18 GMT
ETag: "1e57-590d4314ab780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2142
Content-Type: text/css
hdcreditvn.com/Public/home/css3/index_index.css
154.221.16.49200 OK 4.0 kB URL HTTP/1.1 hdcreditvn.com/Public/home/css3/index_index.css
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type Unicode text, UTF-8 text, with very long lines (3979)
Hash 46470404db6ce6eead9a2d6df8112497
09981b22a7dbaea8a6f8221f0d17f650dbe3670c
78dda025e18e7c37b078464860452a3f8ee94911be3bc7703bc59e036d3552f7
GET /Public/home/css3/index_index.css HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 09 Sep 2022 13:00:59 GMT
ETag: "55ce-5e83e23356318-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3951
Content-Type: text/css
hdcreditvn.com/Public/layui/css/layui.css
154.221.16.49200 OK 14 kB URL HTTP/1.1 hdcreditvn.com/Public/layui/css/layui.css
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 03bd1cc1f152e94deec16586ce2ec456
3543ba161b792d5fc362545c8c1d03929e1766c8
790f9e8058378272f93b1705daa9506ae3d176937dfda1e801aa4dd69a4deb8f
GET /Public/layui/css/layui.css HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:38:13 GMT
ETag: "14153-5e82d0e3d3d20-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14438
Content-Type: text/css
hdcreditvn.com/Public/home/js2/jquery.slider-min.js
154.221.16.49200 OK 4.5 kB URL HTTP/1.1 hdcreditvn.com/Public/home/js2/jquery.slider-min.js
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (14583), with no line terminators
Hash 63928e51f791a7ff4237e3e27fbcc112
af5b1d8a1d5e839d65d135bec551184232e8536c
c82cd33059afb45350f7a35953cd0814cfcf887fe96e2547890a2ef0c5ef1502
Analyzer Verdict Alert fortinet Phishing
GET /Public/home/js2/jquery.slider-min.js HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 11 Oct 2018 04:41:18 GMT
ETag: "38f7-577ec94eb7780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4450
Content-Type: application/javascript
hdcreditvn.com/Public/home/js2/jquery.dependClass.js
154.221.16.49200 OK 231 B URL HTTP/1.1 hdcreditvn.com/Public/home/js2/jquery.dependClass.js
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (636), with no line terminators
Hash 1b1ea312e7522e2d52af11575c3a9c30
c0fb7c5f9ff264820398aa0c2fe5592f5dd4432d
51e91677b0d0622e3cd4a9f9a064c1cd0a7cf2e98b1390cdd4757757daca4fa6
Analyzer Verdict Alert fortinet Phishing
GET /Public/home/js2/jquery.dependClass.js HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sat, 27 Jul 2019 06:40:08 GMT
ETag: "27c-58ea3ee0a0200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 231
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0845f57793f045e56230ec3d56402114
0eab8b7bf2820792fbf99902f43516650850fa49
7aa91b2f7609646683a033acb63b590c6f051335320a517f47ba04c17c10d645
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=139820
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:15 GMT
Etag: "63d5f39a-116"
Expires: Tue, 31 Jan 2023 04:18:35 GMT
Last-Modified: Sun, 29 Jan 2023 04:18:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
hdcreditvn.com/Public/home/appjs/Index.js
154.221.16.49200 OK 1.7 kB URL HTTP/1.1 hdcreditvn.com/Public/home/appjs/Index.js
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
Hash c79e1f6bb633bd13acde0a2e6358ce02
9b278fe52feb709dea680c584e3e1af627396b5e
dfabf7010ae541566731e5024755a390efb88801ff8093ff04b4a37ca71524bb
Analyzer Verdict Alert fortinet Phishing
GET /Public/home/appjs/Index.js HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 11 Oct 2018 04:41:18 GMT
ETag: "1828-577ec94eb7780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1704
Content-Type: application/javascript
hdcreditvn.com/Public/home/js2/jquery.js
154.221.16.49200 OK 24 kB URL HTTP/1.1 hdcreditvn.com/Public/home/js2/jquery.js
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (32020)
Hash 5343b50e3ac926a9bc3324a89be477c3
3f1a9b650812a3ce4679b6d4627189da5c32b25a
c35dc61d056482643cca5c0bef41199d9a85ad216ff138820b90859373adc818
Analyzer Verdict Alert fortinet Phishing
GET /Public/home/js2/jquery.js HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sat, 27 Jul 2019 06:40:08 GMT
ETag: "11468-58ea3ee0a0200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23997
Content-Type: application/javascript
hdcreditvn.com/Public/layui/layui.js
154.221.16.49200 OK 94 kB URL HTTP/1.1 hdcreditvn.com/Public/layui/layui.js
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1fbad96fa1287470970f9c69e8559194
1ee7349e915eedbf6417645fb33d54b78031c5e2
98594ac2b6a9914bd326e683fc82cbded7e99db5d6526ef2dee958992465c634
Analyzer Verdict Alert fortinet Phishing
GET /Public/layui/layui.js HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:38:13 GMT
ETag: "4714a-5e82d0e35bf28-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
tcredit-h5.b3ynxd.com/TCREDIT-h5/static/index.a5c69d49.css
172.67.153.125200 OK 25 kB URL HTTP/2 tcredit-h5.b3ynxd.com/TCREDIT-h5/static/index.a5c69d49.css
IP 172.67.153.125:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cd7198c46c6ee16dd4cb09ee8cc186d2
ea7ada4db008d34b2f3ad4e777a65943fe3e12be
3a75b96550d9e978bd205a3d6f07f50ff9b041c7a322610b9fdd5c0cb57440ec
GET /TCREDIT-h5/static/index.a5c69d49.css HTTP/1.1
Host: tcredit-h5.b3ynxd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:28:15 GMT
content-type: text/css
last-modified: Mon, 16 May 2022 10:23:11 GMT
vary: Accept-Encoding
etag: W/"6282260f-16ff2"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMpudriUlaRVc1zdJUSoltApWXqcOMdvBMMs7TH%2FU6vz1x1049MDiBOb3JrmC9m%2B7VcLCIe2YbfkgQq%2BG3ltBEgdHN7L5nrTPq9OLCefOKUqk92dkrsh4BcqTgH5hua3uy55j6TWxKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79124f5569961c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Sun, 29 Jan 2023 16:04:52 GMT
Date: Sun, 29 Jan 2023 13:28:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 29047
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 71540
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 51348
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Sun, 29 Jan 2023 16:04:52 GMT
Date: Sun, 29 Jan 2023 13:28:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57ff6665d99a17d06b75c8fe64c90ab3
05648eed6830a794aa7e30ba4da526ed4c45b0ca
728b809756a0faff1a55bb03f13f33e31518f321e50dd944a0267d585c09264c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: 8117f45b-926a-4cbe-b152-dae983bc3526
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOYdlG6XIAMF_vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf3abd-7ce531f65f66ac3a73970841;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:56:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9qRYwsM8g7XZPY2E-9puCMAp7VKUvdIiK8jA0wr0XSpnMScoQYCwGw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:47 GMT
age: 56489
etag: "05648eed6830a794aa7e30ba4da526ed4c45b0ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Sun, 29 Jan 2023 16:04:52 GMT
Date: Sun, 29 Jan 2023 13:28:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9396
Expires: Sun, 29 Jan 2023 16:04:52 GMT
Date: Sun, 29 Jan 2023 13:28:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:57:16 GMT
age: 81060
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GEghrk0LlbdfqVAHey-W84Zk9XHT2PD268Vfxf85HEvil0Ra27YgPA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:43:37 GMT
age: 35079
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hdcreditvn.com/Public/home/imgs2/home.png
154.221.16.49200 OK 1.6 kB URL HTTP/1.1 hdcreditvn.com/Public/home/imgs2/home.png
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type PNG image data, 38 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b1825caba8e3b7a01ca80249bd07b605
3ac9e49708db491494b34ce4cb26aeb69d67b14b
4b672f5798a95950b73acfb33e42f5d16ac7dfb5dab4423b31c3b3c0605e1d51
GET /Public/home/imgs2/home.png HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 24 May 2019 05:51:54 GMT
ETag: "641-5899bcbb31280"
Accept-Ranges: bytes
Content-Length: 1601
Content-Type: image/png
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.2.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.2.133:0
Hash 6f59094c74df7914b1c1a2d7b9d79d2b
bb8a2d92491a7917f554c818c7f5a70994ca133e
c88cd68581f82c1838d66407072b2f98c94ed802b0ea36128afe283e0b89bf86
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 12:00:39 GMT
ETag: "bb8a2d92491a7917f554c818c7f5a70994ca133e"
Last-Modified: Sun, 29 Jan 2023 12:00:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 13:28:16 GMT
Age: 2644
X-Served-By: cache-qpg1252-QPG, cache-bma1667-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 9, 15
X-Timer: S1674998896.223275,VS0,VE0
hdcreditvn.com/Public/home/imgs3/wallets05.574e47de.png
154.221.16.49200 OK 8.4 kB URL HTTP/1.1 hdcreditvn.com/Public/home/imgs3/wallets05.574e47de.png
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 574e47de9fb9937a459999d5463f75c6
a0db820084b4ea51803318161286d340ecdab381
ac50ee744410d4c90f221d99cfe2774df9555f19f74322a7ed126b2738457972
GET /Public/home/imgs3/wallets05.574e47de.png HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 25 Aug 2022 13:55:34 GMT
ETag: "20ce-5e71126be0180"
Accept-Ranges: bytes
Content-Length: 8398
Content-Type: image/png
at.alicdn.com/t/font_2553192_tf84js8wu1a.woff2?t=1647348545141
47.246.44.251200 OK 16 kB URL HTTP/2 at.alicdn.com/t/font_2553192_tf84js8wu1a.woff2?t=1647348545141
IP 47.246.44.251:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type Web Open Font Format (Version 2), TrueType, length 16280, version 1.0\012- data
Hash 8368a329cec487e978ea5ac218c5e4b9
6c62b1d5558477ba8bff00171ce6d4e7f36bf0d4
dd149ad5bd6cfec76dc60935a969a0eb2287f4e1e3b26ead7d53e8a265615487
GET /t/font_2553192_tf84js8wu1a.woff2?t=1647348545141 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 16280
date: Thu, 15 Sep 2022 07:56:07 GMT
x-oss-request-id: 6322DA9714A30E3730E9AE45
vary: Origin
accept-ranges: bytes
etag: "8368A329CEC487E978EA5AC218C5E4B9"
last-modified: Tue, 15 Mar 2022 12:49:05 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13175626373211212033
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: g2ijKc7Eh+l46lrCGMXkuQ==
x-oss-server-time: 47
ali-swift-global-savetime: 1663228568
via: cache4.l2us1[0,19,200-0,H], cache34.l2us1[21,0], cache2.se1[119,118,200-0,M], cache1.se1[120,0]
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sun, 29 Jan 2023 13:28:16 GMT
x-swift-cachetime: 19333672
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9516749988962196386e
X-Firefox-Spdy: h2
hdcreditvn.com/Public/layui/css/modules/laydate/default/laydate.css?v=5.3.1
154.221.16.49200 OK 1.8 kB URL HTTP/1.1 hdcreditvn.com/Public/layui/css/modules/laydate/default/laydate.css?v=5.3.1
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (7787), with no line terminators
Hash 4b063779464daa5d66fbae97ef818e4e
c0b7e9d4a4da4b0e65ef027f4247c6f6dda23afe
4312a1068353f5c1cdc65c244bc071cf8c03c7e214864d73c9ca758946b719c7
Analyzer Verdict Alert fortinet Phishing
GET /Public/layui/css/modules/laydate/default/laydate.css?v=5.3.1 HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:38:18 GMT
ETag: "1e6b-5e82d0e87ee38-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1773
Content-Type: text/css
hdcreditvn.com/Public/layui/css/modules/layer/default/layer.css?v=3.5.1
154.221.16.49200 OK 2.8 kB URL HTTP/1.1 hdcreditvn.com/Public/layui/css/modules/layer/default/layer.css?v=3.5.1
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (14323), with no line terminators
Hash 6db068d299ed980593adcc1a02d26744
5dee0f37949a270fe46154bfcd96427bb5c58ee2
1e84c20a87436a3590381ed116e1d866a6033b2ec55c5326d845b20097043512
Analyzer Verdict Alert fortinet Phishing
GET /Public/layui/css/modules/layer/default/layer.css?v=3.5.1 HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:38:18 GMT
ETag: "37f3-5e82d0e83a0a8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2780
Content-Type: text/css
hdcreditvn.com/Public/lunbo1.jpg
154.221.16.49200 OK 58 kB URL HTTP/1.1 hdcreditvn.com/Public/lunbo1.jpg
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 1280x680, components 3\012- data
Hash 1f4d06e00403e00680b37168ddbadc93
9282de6af1423f886cee2a1ce5e00df4776cbcf2
f02f9ca364cf972bf9f984312c4b125c0dbc6d337ce998ff7e28ca7bd96d7390
GET /Public/lunbo1.jpg HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:29:40 GMT
ETag: "e17f-5e82cefaf4358"
Accept-Ranges: bytes
Content-Length: 57727
Content-Type: image/jpeg
hdcreditvn.com/Public/layui/css/modules/code.css?v=3
154.221.16.49200 OK 545 B URL HTTP/1.1 hdcreditvn.com/Public/layui/css/modules/code.css?v=3
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type ASCII text, with very long lines (1738), with no line terminators
Hash dd6d7744b2c9a8188f23065e1d041ffe
b619c21f03c0ccd1fe75d2ad60005de6128add76
68b798cebdc284ccb8760fbf2ae40b57f8adf3427ec3b528ebe43d6257797e06
Analyzer Verdict Alert fortinet Phishing
GET /Public/layui/css/modules/code.css?v=3 HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:38:15 GMT
ETag: "6ca-5e82d0e5c90a8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 545
Content-Type: text/css
hdcreditvn.com/Public/lunbo2.jpg
154.221.16.49200 OK 81 kB URL HTTP/1.1 hdcreditvn.com/Public/lunbo2.jpg
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 1280x783, components 3\012- data
Hash 72191a36118a58dd95ee3e5ad754fae4
06d980d180d7a3275f64ef5e02679bb446484f45
d67f5d2406e2159259809ed4e9cff4919ecff5b377938b18f7dfea53c613e040
GET /Public/lunbo2.jpg HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:29:41 GMT
ETag: "13c9b-5e82cefb4a258"
Accept-Ranges: bytes
Content-Length: 81051
Content-Type: image/jpeg
hdcreditvn.com/Public/lunbo3.jpg
154.221.16.49200 OK 110 kB URL HTTP/1.1 hdcreditvn.com/Public/lunbo3.jpg
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 1280x749, components 3\012- data
Size 110 kB (109466 bytes)
Hash ba1ac453e82d654bee571cc89a3e405e
0edc15f9bac7a02613d7c4b332b6349afbe6903f
8dd506ea7a1e7df7d2a282e29c37d94614a88f0266602c4398dd2a42b040b31a
GET /Public/lunbo3.jpg HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:29:41 GMT
ETag: "1ab9a-5e82cefb9de30"
Accept-Ranges: bytes
Content-Length: 109466
Content-Type: image/jpeg
hdcreditvn.com/Public/home/imgs3/home_yn4.png
154.221.16.49200 OK 244 kB URL HTTP/1.1 hdcreditvn.com/Public/home/imgs3/home_yn4.png
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type PNG image data, 1280 x 310, 8-bit/color RGBA, non-interlaced\012- data
Size 244 kB (244075 bytes)
Hash d41faec9dea414150b5cf65435ce52b5
94bb6a4736995d17b86b76639d9945fd5d45438b
ac1cd98c040e3ee84268d3e0396096cf16ccf888e060ea3d0c013d61e8a0d0a4
GET /Public/home/imgs3/home_yn4.png HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 26 Aug 2022 16:54:48 GMT
ETag: "3b96b-5e727c5926600"
Accept-Ranges: bytes
Content-Length: 244075
Content-Type: image/png
hdcreditvn.com/Public/layui/font/iconfont.woff2?v=256
154.221.16.49200 OK 26 kB URL HTTP/1.1 hdcreditvn.com/Public/layui/font/iconfont.woff2?v=256
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type Web Open Font Format (Version 2), TrueType, length 25964, version 1.0\012- data
Hash d8c214c89e33a7bea93d656bd865e869
c188dbfc6951b7c305940ac3a279227aeb5617f4
bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09
GET /Public/layui/font/iconfont.woff2?v=256 HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://hdcreditvn.com/Public/layui/css/layui.css
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 08 Sep 2022 16:38:14 GMT
ETag: "656c-5e82d0e4f4e20"
Accept-Ranges: bytes
Content-Length: 25964
Vary: Accept-Encoding
Content-Type: font/woff2
hdcreditvn.com/Public/home/fonts/mui.ttf
154.221.16.49200 OK 18 kB URL HTTP/1.1 hdcreditvn.com/Public/home/fonts/mui.ttf
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type TrueType Font data, 15 tables, 1st "FFTM", 12 names, Macintosh, type 1 string, iconfontMediumFontForge 2.0 : iconfont : 13-11-2015iconfontVersion 1.0 ; ttfautohint (v0.94) -l \012- data
Hash 5e42d5c35239d4c5f4054680fefdc929
b9b4f9a83ff58df17304a9c47e236f1aa122d263
1022fbf666188c953fc5134eeb8028e3a8446a3a5971ca234ff7db9ab8d48b2f
Analyzer Verdict Alert fortinet Phishing
GET /Public/home/fonts/mui.ttf HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/Public/home/css2/mui.min.css
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 25 Sep 2017 04:02:36 GMT
ETag: "74bc-559fba0faaf00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18027
Content-Type: font/ttf
hdcreditvn.com/Public/home/imgs2/ico_foot22.png
154.221.16.49200 OK 934 B URL HTTP/1.1 hdcreditvn.com/Public/home/imgs2/ico_foot22.png
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash c15f45cbf1b659256064a47ffb1ebfc2
1816afa4a0ca2906cc33a3d088b7acddfb54d32f
c71c5dd93076e6cf60dcb60908a90ef3bb6b8e29582b793217d93c863172affa
GET /Public/home/imgs2/ico_foot22.png HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Thu, 01 Nov 2018 08:46:44 GMT
ETag: "3a6-5799675534500"
Accept-Ranges: bytes
Content-Length: 934
Content-Type: image/png
hdcreditvn.com/Public/home/imgs2/me2.png
154.221.16.49200 OK 751 B URL HTTP/1.1 hdcreditvn.com/Public/home/imgs2/me2.png
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1368d37be1d628b72448e7aaab9ec8b4
42b65a5be97c4b481f21f609615a0c82c3af8e4d
412e82c64aa0bfd1f59704a1e636cbf9b4ae452350398267036c978d643d9613
GET /Public/home/imgs2/me2.png HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 24 May 2019 05:51:56 GMT
ETag: "2ef-5899bcbd19700"
Accept-Ranges: bytes
Content-Length: 751
Content-Type: image/png
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a0fc2996c00e28ee233c644967e7de6c
49410a8a35bde43c3852135917f6b315c18fb862
cf8ee000785d97db56a6b6127d11697666728d8f334e7a43b419a963323befa0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:40:21 GMT
Expires: Sat, 04 Feb 2023 01:40:20 GMT
Etag: "49410a8a35bde43c3852135917f6b315c18fb862"
Cache-Control: max-age=475322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79124f670ebb0b61-OSL
hdcreditvn.com/Public/home/imgs/pico.png?a=a
154.221.16.49200 OK 28 kB URL HTTP/1.1 hdcreditvn.com/Public/home/imgs/pico.png?a=a
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type PNG image data, 100 x 1500, 8-bit/color RGBA, non-interlaced\012- data
Hash c0b413628675e99f1ebaddeda09f0842
c081ad3f02a8cb7a586f5d0f28873b27754e5d37
aad453765a5b49e9008766c4499e45ae50f05417dab82eea300584a24a107ff3
Analyzer Verdict Alert fortinet Phishing
GET /Public/home/imgs/pico.png?a=a HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/Public/home/css2/newpay-bb7fcb5546.css
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 25 Sep 2017 04:02:36 GMT
ETag: "6bb8-559fba0faaf00"
Accept-Ranges: bytes
Content-Length: 27576
Content-Type: image/png
hdcreditvn.com/Public/favicon.ico
154.221.16.49200 OK 5.6 kB URL HTTP/1.1 hdcreditvn.com/Public/favicon.ico
IP 154.221.16.49:0
ASN #133115 HK Kwaifong Group Limited
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash 38c18b1149e3c518fa449b9d2926ac4c
58f4055cba3b15752a1b53c30260b0ef3e7d9873
662f69ee36ce5eb2c015d916f786112ce756c89a564c14187536e436b641e108
GET /Public/favicon.ico HTTP/1.1
Host: hdcreditvn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hdcreditvn.com/
Cookie: PHPSESSID=eahjlqugtpg4b2j2mdt1kjn582
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Wed, 26 Sep 2018 06:35:22 GMT
ETag: "1083e-576c06d3bfe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5600
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
142.250.74.106200 OK 39 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
IP 142.250.74.106:0
Hash ee163e1736260a4727cefd10de3cfc46
bedbf8425430f66cfdbb7cc2f411dfa2cd88d7d5
dcdfc0b9d53b377a7624a11e37c11f460c2572b632fa4f763e06577aec60c60d
GET /css2?family=Inter:wght@400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 13:28:19 GMT
date: Sun, 29 Jan 2023 13:28:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
216.58.207.227200 OK 57 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 56968, version 1.0\012- data
Hash 6256ef56b938ba30869c7a60d12e9600
2740fa67137026e4fae386baa827129dbd8b8490
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56968
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:20:31 GMT
expires: Sun, 28 Jan 2024 10:20:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 21:29:14 GMT
content-type: font/woff2
age: 97668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 13:28:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
216.58.207.227200 OK 8.6 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8640, version 1.0\012- data
Hash 4f3fbd90d9fab7e1e66a90b2a2db0756
6e8a3798f5017a3f10f6c0969f24eb26fe7da44e
ac4e131ca9a592d8d092e617c759bc5ac35d411a11fdf1610ba834330ab94d91
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 12:00:48 GMT
expires: Fri, 26 Jan 2024 12:00:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:53:46 GMT
content-type: font/woff2
age: 264451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 58df9d4857c8a2866994130769fd4919
01598a9283904c26ae08146057b4e2f762c06d69
c17acbb6f7a79469373a3a3c572315d9b5174232c90d036427fa1f549cd7f167
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 08:56:41 GMT
Expires: Thu, 02 Feb 2023 08:56:40 GMT
Etag: "01598a9283904c26ae08146057b4e2f762c06d69"
Cache-Control: max-age=328700,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79124f72fb5c0b61-OSL
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/hbphrreuqinwyouskqcnicpnuyudiglraawmrccl?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 233 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/hbphrreuqinwyouskqcnicpnuyudiglraawmrccl?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with very long lines (425), with no line terminators
Hash 836e10773e5d7ecd81fdb6ceed03f863
7c6251ba60d2698e43fab4706db16bf35add9a41
7c006e024e55602fe568a15f93180f32f41680a7aa1b59aba32a58a42c772ebb
GET /4.0/accounts/acridpmqoqfwshibwkus/users/hbphrreuqinwyouskqcnicpnuyudiglraawmrccl?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
expires: -1
last-modified: Sun, 29 Jan 2023 13:28:19 GMT
vary: Accept-Encoding
x-api-host: api-7695f4d96-862t6
x-api-time: 12.5324ms
date: Sun, 29 Jan 2023 13:28:19 GMT
content-length: 233
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 1322e3b8bb364662cd595d1ec98889eb
4dc72dae7efb7d94f0ddad949d0865b185841e0b
d1a3d1fd0b86b5082325a71bf0f44eaa4342b4538307467c78621a6ff6994046
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=530
Date: Sun, 29 Jan 2023 13:28:20 GMT
Connection: keep-alive
X-N: S
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/is_online?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 71 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/is_online?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7037bcff97cddb95ad321132b0b38ecb
3e177ba56e706c1244ee29096c563d07c0a4de21
284a7e23f7410c426dad32112accf61adde101710fa9d0eecc5e13a760b7e280
GET /4.0/accounts/acridpmqoqfwshibwkus/is_online?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-api-host: api-7695f4d96-spl8p
x-api-time: 9.240329ms
date: Sun, 29 Jan 2023 13:28:20 GMT
content-length: 71
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 233 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with very long lines (425), with no line terminators
Hash 836e10773e5d7ecd81fdb6ceed03f863
7c6251ba60d2698e43fab4706db16bf35add9a41
7c006e024e55602fe568a15f93180f32f41680a7aa1b59aba32a58a42c772ebb
GET /4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
expires: -1
last-modified: Sun, 29 Jan 2023 13:28:19 GMT
vary: Accept-Encoding
x-api-host: api-7695f4d96-2t8xz
x-api-time: 11.534216ms
date: Sun, 29 Jan 2023 13:28:20 GMT
content-length: 233
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 3737a5be3ddc8197dda4159c393ef4e5
36b646c6e39f79f7442172006e488e217c2b0d67
e0ca37119ae51a778b615a6da25cda5cf4f8796c71b63d1c5d520eff6966fe61
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 13:28:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 12:08:15 GMT
Expires: Thu, 02 Feb 2023 12:08:14 GMT
Etag: "36b646c6e39f79f7442172006e488e217c2b0d67"
Cache-Control: max-age=340193,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79124f762ea50b61-OSL
cdn.dcloud.net.cn/img/shadow-grey.png
47.96.94.32200 OK 136 B URL HTTP/1.1 cdn.dcloud.net.cn/img/shadow-grey.png
IP 47.96.94.32:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 1 x 6, 4-bit colormap, non-interlaced\012- data
Hash 5a962adf74d92ae702467b3f47976547
36f74049375584e3fa69b5ef87e9572336ff9e7a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tcredit-h5.b3ynxd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 13:28:20 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Sun, 29 Jan 2023 15:28:20 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=CgIBX2PWdHRqsQVsPrz2Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/conversations?v=6&user_id=usrojjlsiyimyswjjkfry&integration_id=acridpmqoqfwshibwkus.subizv4.subikon&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 47 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/conversations?v=6&user_id=usrojjlsiyimyswjjkfry&integration_id=acridpmqoqfwshibwkus.subizv4.subikon&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fb876cc4c8ce5eeb15796533a6ee5ea1
1662c9599fefe4d17299f53f1d79435577e16209
4ed7b04a415cec83796f8f1572cc89fd16ac387ea0575b1a1b69e5764e645bd4
GET /4.0/accounts/acridpmqoqfwshibwkus/conversations?v=6&user_id=usrojjlsiyimyswjjkfry&integration_id=acridpmqoqfwshibwkus.subizv4.subikon&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
expires: -1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
x-api-host: api-7695f4d96-spl8p
x-api-time: 27.391012ms
date: Sun, 29 Jan 2023 13:28:20 GMT
content-length: 47
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry/events?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 404 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry/events?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with very long lines (615), with no line terminators
Hash d0d98f08be78ca5b7636f9316dd29d42
bb19e7a4c374e5921fa44a135ba6c496805ed510
6a3aae73dcbe2e59208897bcdaccd107b8a206084109223c409307d150062b23
POST /4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry/events?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 471
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-api-host: api-7695f4d96-bb8w5
x-api-time: 17.12601ms
date: Sun, 29 Jan 2023 13:28:20 GMT
content-length: 404
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry/events?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 405 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry/events?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with very long lines (615), with no line terminators
Hash 41253acf78a273431f80d262fa2ff2af
9e992e89acb4d135ec8193cd237a17d2e2fa2f23
a3e821560e7b810b296f455a2e64a7d2ee5d144010dcbf9d9e7cce2973c22049
POST /4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry/events?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 471
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-api-host: api-7695f4d96-862t6
x-api-time: 15.249457ms
date: Sun, 29 Jan 2023 13:28:20 GMT
content-length: 405
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/rt/0/subs?token=&user_ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl&account_id=acridpmqoqfwshibwkus
35.213.167.91200 OK 875 B URL HTTP/2 api.sbz.vn/rt/0/subs?token=&user_ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl&account_id=acridpmqoqfwshibwkus
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with very long lines (875), with no line terminators
Hash e302627ddb5465b98fdfa0eed932129d
2382309df2a78821037a35e8c753c95e2b5abb83
9f543942ee451b0b59357f9d6fe54e343b1010ff28fe2e07f82eb90a9f384757
POST /rt/0/subs?token=&user_ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl&account_id=acridpmqoqfwshibwkus HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 715
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://hdcreditvn.com
content-length: 875
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 13:28:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/is_online?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 71 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/is_online?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7037bcff97cddb95ad321132b0b38ecb
3e177ba56e706c1244ee29096c563d07c0a4de21
284a7e23f7410c426dad32112accf61adde101710fa9d0eecc5e13a760b7e280
GET /4.0/accounts/acridpmqoqfwshibwkus/is_online?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-api-host: api-7695f4d96-5mght
x-api-time: 2.189603ms
date: Sun, 29 Jan 2023 13:28:21 GMT
content-length: 71
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 281 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
File type JSON data\012- , ASCII text, with very long lines (499), with no line terminators
Hash 6038bd1b678da0e700a2a28c5c3c0357
73141b71bf3ae4571501ea8bab09ffa61dd2d645
19dee58f3d3d9eaa1ed2518f297781c5df234193075131019521274eaa16a316
GET /4.0/accounts/acridpmqoqfwshibwkus/users/usrojjlsiyimyswjjkfry?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Sun, 29 Jan 2023 13:28:19 GMT
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
expires: -1
last-modified: Sun, 29 Jan 2023 13:28:20 GMT
vary: Accept-Encoding
x-api-host: api-7695f4d96-q62kr
x-api-time: 8.216486ms
date: Sun, 29 Jan 2023 13:28:21 GMT
content-length: 281
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/locales/vi-VN?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 2.7 kB URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/locales/vi-VN?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
Hash fe36fee6e09acdf1cebfef5d62968428
a3d10d8bc9390e2cb26995baed355a70499a3a60
d072d162ec2224c945a69034f7c940e066a8526c1433566cbc0fb8933409e99a
GET /4.0/accounts/acridpmqoqfwshibwkus/locales/vi-VN?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
expires: -1
last-modified: Thu, 01 Dec 2022 06:38:25 GMT
vary: Accept-Encoding
x-api-host: api-7695f4d96-5mght
x-api-time: 1.132179ms
date: Sun, 29 Jan 2023 13:28:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/settings?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91304 Not Modified 0 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/settings?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4.0/accounts/acridpmqoqfwshibwkus/settings?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 30 Nov 2022 10:23:42 GMT
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
expires: -1
last-modified: Wed, 30 Nov 2022 10:23:42 GMT
vary: Accept-Encoding
x-304: true
x-api-host: api-7695f4d96-q62kr
x-api-time: 10.633982ms
date: Sun, 29 Jan 2023 13:28:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/conversations?v=6&user_id=usrojjlsiyimyswjjkfry&integration_id=acridpmqoqfwshibwkus.subizv4.subikon&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91304 Not Modified 0 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/conversations?v=6&user_id=usrojjlsiyimyswjjkfry&integration_id=acridpmqoqfwshibwkus.subizv4.subikon&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4.0/accounts/acridpmqoqfwshibwkus/conversations?v=6&user_id=usrojjlsiyimyswjjkfry&integration_id=acridpmqoqfwshibwkus.subizv4.subikon&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 01 Jan 1970 00:00:01 GMT
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
expires: -1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
x-304: true
x-api-host: api-7695f4d96-5qpb2
x-api-time: 15.518608ms
date: Sun, 29 Jan 2023 13:28:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 323668
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 14:50:08 GMT
expires: Wed, 24 Jan 2024 14:50:08 GMT
cache-control: public, max-age=31536000
age: 427094
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type gzip compressed data, max compression\012- data
Hash d93f9bb4a2ff271fd5c4d5f0b7847caa
7446bc01120f1c3bb933601ac1696ceb5b3f5421
37d18c58874b6e5c0a1efaa364f922338efac01b014923e11210f179ac7cb428
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 365783
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 00:55:59 GMT
expires: Mon, 29 Jan 2024 00:55:59 GMT
cache-control: public, max-age=31536000
age: 45143
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/settings?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
35.213.167.91200 OK 0 B URL HTTP/2 api.sbz.vn/4.0/accounts/acridpmqoqfwshibwkus/settings?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl
IP 35.213.167.91:0
GET /4.0/accounts/acridpmqoqfwshibwkus/settings?v=6&x-user-ref=hbphrreuqinwyouskqcnicpnuyudiglraawmrccl HTTP/1.1
Host: api.sbz.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: http://hdcreditvn.com
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://hdcreditvn.com
cache-control: no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-encoding2: gzip2
content-type: application/json; charset=utf-8
expires: -1
last-modified: Wed, 30 Nov 2022 10:23:42 GMT
vary: Accept-Encoding
x-api-host: api-7695f4d96-5mght
x-api-time: 8.770911ms
date: Sun, 29 Jan 2023 13:28:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vcdn.subiz-cdn.com/widget-v4/public/18586085852.132.js
118.69.83.90200 OK 0 B URL HTTP/2 vcdn.subiz-cdn.com/widget-v4/public/18586085852.132.js
IP 118.69.83.90:0
ASN #18403 FPT Telecom Company
GET /widget-v4/public/18586085852.132.js HTTP/1.1
Host: vcdn.subiz-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:28:21 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=946080000
content-language: en
expires: Fri, 26 Jan 2024 07:43:30 GMT
last-modified: Fri, 06 Jan 2023 07:43:08 GMT
x-goog-generation: 1672990988900847
x-goog-hash: crc32c=Ml0CdQ==, md5=CFqN7k6MlvfA8GJl5+WerA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 30478
x-guploader-uploadid: ADPycdubhbQifNUeoW4HuCiLq-A5DoWi7fv7uZq3i2Rqfzy_PMJJEJUkEXVmgsVN9kNt5Qx01n3SeqRtQPrgLrtQbBytfU_gyxY1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-html-optimize: true
x-js-min: true
x-css-min: true
x-https-rewrite: false
content-encoding: gzip
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-content-type-options: nosniff
x-cache: HIT
x-cache-version: 0
x-request-time: 0.000
X-Firefox-Spdy: h2
vcdn.subiz-cdn.com/widget-v4/public/18586085852.441.js
118.69.83.90200 OK 0 B URL HTTP/2 vcdn.subiz-cdn.com/widget-v4/public/18586085852.441.js
IP 118.69.83.90:0
ASN #18403 FPT Telecom Company
GET /widget-v4/public/18586085852.441.js HTTP/1.1
Host: vcdn.subiz-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:28:22 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=946080000
content-language: en
expires: Sat, 06 Jan 2024 07:43:26 GMT
last-modified: Fri, 06 Jan 2023 07:43:08 GMT
x-goog-generation: 1672990988923153
x-goog-hash: crc32c=B1MdZw==, md5=UrmH8PWpv8EuXX8ihkmDtA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 11648
x-guploader-uploadid: ADPycdsy5AtvR8iW4T_VUqvn0ExZzYBm66cNczpNA_Pl7U4qPpRFU67PWn_buIlLGzL1ex7GhAMLiQXPktpwA9gW7fItvQ
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-html-optimize: true
x-js-min: true
x-css-min: true
x-https-rewrite: false
content-encoding: gzip
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-content-type-options: nosniff
x-cache: HIT
x-cache-version: 0
x-request-time: 0.000
X-Firefox-Spdy: h2
vcdn.subiz-cdn.com/widget-v4/public/18586085852.app.js
118.69.83.90200 OK 0 B URL HTTP/2 vcdn.subiz-cdn.com/widget-v4/public/18586085852.app.js
IP 118.69.83.90:0
ASN #18403 FPT Telecom Company
GET /widget-v4/public/18586085852.app.js HTTP/1.1
Host: vcdn.subiz-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:28:18 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=946080000
content-language: en
expires: Sat, 06 Jan 2024 07:43:25 GMT
last-modified: Fri, 06 Jan 2023 07:43:08 GMT
x-goog-generation: 1672990988936393
x-goog-hash: crc32c=8g5QBg==, md5=lgXUbKIJgH030s7DHuxJKw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 34173
x-guploader-uploadid: ADPycdtsDJEj-Vcse4XQdB4-BGlAgzfL_Eewdk5Jfd-7kdvmSMzw-1BUgp_hhpHzQoS5g17a7DpERt77stCXVGIWvawArQ
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-html-optimize: true
x-js-min: true
x-css-min: true
x-https-rewrite: false
content-encoding: gzip
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-content-type-options: nosniff
x-cache: HIT
x-cache-version: 0
x-request-time: 0.000
X-Firefox-Spdy: h2
widget.subiz.net/sbz/app.js?accid=acridpmqoqfwshibwkus
104.26.13.46200 OK 0 B URL HTTP/2 widget.subiz.net/sbz/app.js?accid=acridpmqoqfwshibwkus
IP 104.26.13.46:0
GET /sbz/app.js?accid=acridpmqoqfwshibwkus HTTP/1.1
Host: widget.subiz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hdcreditvn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 13:28:16 GMT
content-type: text/javascript
via: 1.1 google
cache-control: max-age=300
cf-cache-status: MISS
last-modified: Sun, 29 Jan 2023 13:28:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm8ZAEYEZkP6x1ybh4GcJfaFuHsaBcMuK2m4Z45YhVJKyiREgZDkbmeHbGgQhhFup2jDTymN9e1m%2FDQF7x3WyuvVJopjJaTl02m0CMQS%2Bj9jX86vpWVb94TkxK2sdfsnSBo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79124f5cbb6cb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2