r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14653
Expires: Mon, 12 Sep 2022 14:55:55 GMT
Date: Mon, 12 Sep 2022 10:51:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 10:08:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qJWXsYb98WGawo7Qmu4Ej_fNOqIKcIpFZUB6w2l67kvs4NMThSvBKg==
Age: 2611
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PbNwV-hoo-9kfYpchNHO8SsBx0dNWCRZydtNNff4MyZgAm4QedamBA==
age: 12870
X-Firefox-Spdy: h2
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
202.191.56.152200 OK 3.8 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (339), with CRLF line terminators
Hash aa5d055f906b1407e5179ae198b6f3ab
7b93aace98acd76c44e3bab906469ed7dc8d49d1
676936c8e1aea7efedb58b5789b01d789064a7d683ccd5b216b495372c7f3b3e
Analyzer Verdict Alert openphish DGI (French Tax Authority)
fortinet Phishing
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:49 GMT
Content-Type: text/html
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-5038"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 10:51:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
104.17.24.14200 OK 2.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
IP 104.17.24.14:0
Hash 25ba6cf71f56fb6f70738a4a73257a10
95b2f9d962ad149cb94f336a69c2627e94f1eb43
907bed0c556e0dd60a67eca19c4d684445a4e3d45af5e78a1320fa35777894da
GET /ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ts.hust.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 10:51:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 2306
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-284d"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2208782
expires: Sat, 02 Sep 2023 10:51:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qr%2BwNp%2F%2FNfMLgtP9hFLXGvmmLTE%2FjTDz6C5WY4yI1q9kj7znVaKkcYsXcug%2BF%2BFqzTkzB2eYALORC9DiD3vFGB7qGT4en5J4dYQFQ%2BU3%2FkGVmyaBPrDgeaPrM6P%2BhGyBnTvFbUHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749816e6cba5b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/autentification.css
202.191.56.152200 OK 3.9 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/autentification.css
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type ASCII text, with CRLF line terminators
Hash 1b1409e902b0ba224c59f4c590f8e253
10f003e6a5c8de111781212a2eec65217f73def9
738aed6cd4108fd2d26045552a0110d9a25446b8c55e8b2a900cc137c4a755f9
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/autentification.css HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:49 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-44fe"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/bootstrap-3.3.6.min.css
202.191.56.152200 OK 21 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/bootstrap-3.3.6.min.css
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type ASCII text, with very long lines (391)
Hash b16c347c97c573785f413e7a556ba5c4
669ef88dc6b2c3ab02d9acae233118ef8c940a86
e3a7d66e8012d7d427e1f479c5dccea4fd7abc833c690eddabb562bb13708724
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/bootstrap-3.3.6.min.css HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:49 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-2454c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 09:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 10:45:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Js0mHS-j1ADZrOBx0jwgSHEy5JLAtbHTgaW2dhQUf0uJBdnulGTYvw==
Age: 3335
ts.hust.edu.vn/templates/js/jquery-1.11.3.min.js
202.191.56.152302 Found 344 B URL HTTP/1.1 ts.hust.edu.vn/templates/js/jquery-1.11.3.min.js
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9623b35db9ec999b619e55a5619f55f7
15695f7be5b73be51aec1c05d0251c01ec5c40fb
b5186c5869462edf4d615893a41f0e43db14689470f559aab5c1f1b630d0986a
GET /templates/js/jquery-1.11.3.min.js HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, private
Location: http://ts.hust.edu.vn/404
ts.hust.edu.vn/templates/js/bootstrap.min.js
202.191.56.152302 Found 344 B URL HTTP/1.1 ts.hust.edu.vn/templates/js/bootstrap.min.js
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9623b35db9ec999b619e55a5619f55f7
15695f7be5b73be51aec1c05d0251c01ec5c40fb
b5186c5869462edf4d615893a41f0e43db14689470f559aab5c1f1b630d0986a
GET /templates/js/bootstrap.min.js HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, private
Location: http://ts.hust.edu.vn/404
ts.hust.edu.vn/templates/js/auth.js
202.191.56.152302 Found 344 B URL HTTP/1.1 ts.hust.edu.vn/templates/js/auth.js
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9623b35db9ec999b619e55a5619f55f7
15695f7be5b73be51aec1c05d0251c01ec5c40fb
b5186c5869462edf4d615893a41f0e43db14689470f559aab5c1f1b630d0986a
GET /templates/js/auth.js HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, private
Location: http://ts.hust.edu.vn/404
ts.hust.edu.vn/templates/js/urls.js
202.191.56.152302 Found 344 B URL HTTP/1.1 ts.hust.edu.vn/templates/js/urls.js
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9623b35db9ec999b619e55a5619f55f7
15695f7be5b73be51aec1c05d0251c01ec5c40fb
b5186c5869462edf4d615893a41f0e43db14689470f559aab5c1f1b630d0986a
GET /templates/js/urls.js HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, private
Location: http://ts.hust.edu.vn/404
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/imp.css
202.191.56.152200 OK 5.2 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/imp.css
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type ASCII text, with CRLF line terminators
Hash 9322a061b1051faa0080c36095ee2472
28d10482e43a63c2b7b6b0851c300d764c93730a
b0c7406fffd368efea139cae5d743f7959b660d0feb772c667eb6f91940cbaf9
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/imp.css HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-919a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/jquery-3.1.0.min.js
202.191.56.152200 OK 30 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/jquery-3.1.0.min.js
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type ASCII text, with very long lines (32014)
Hash ae9d8d4c0dec623c2576c2fb03a51cea
d48b4b306fd21b80467d5b0913ff06bc5b949bb5
261d0b1ea5b85979c59923aa544fe4bea3743882b2e02a83020befc328c2d696
Analyzer Verdict Alert fortinet Phishing
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/jquery-3.1.0.min.js HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-1514f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 10:51:43 GMT
Last-Modified: Mon, 12 Sep 2022 09:16:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/images/fermer.svg
202.191.56.152200 OK 778 B URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/images/fermer.svg
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (340)
Hash 414f563159726d51b4e055bae11a9807
4e1d495ecfc67a5b31d06315211ed72c0cd06ff7
71e61a7480e7cc0cf83c782310bfca6845c0fb5884e5791bd9bbf9a0439657bf
Analyzer Verdict Alert fortinet Phishing
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/images/fermer.svg HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-6dd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/3.jpg
202.191.56.152200 OK 7.0 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/3.jpg
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 120x45, components 3\012- data
Hash ba40b5bc6558ae28bab303713d66aba3
16a2568e929284211d499d61284165784fe642b4
18663e074265ad94586ebd4160167e55887e265f9e37ce69bb8ea19abab0042d
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/3.jpg HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-1bc6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/5.gif
202.191.56.152200 OK 1.9 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/5.gif
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type GIF image data, version 89a, 118 x 40\012- data
Hash a80f762f2768fa3f5a8e2b432f77d97b
5e39341f051a2c3fc238bf1eba51fe0c76e28ea5
8c6157aeb6b7a3ac5abae2ba8c584a2c4de04f602f79b3c5980a38b958ac5ec8
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/5.gif HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/gif
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-733"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/4.gif
202.191.56.152200 OK 3.2 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/4.gif
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type GIF image data, version 89a, 143 x 45\012- data
Hash b4274999a7ae51e76dc96bd4de359c99
dc4448578af98d4a6d819a24483d77af27b96b30
8b57b82f3b6631bb7f3b5f7c3d595910352ed657ff6deaab020438b6ba5d0f9f
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/4.gif HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/gif
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-d23"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.usertrust.com/
172.64.155.188200 OK 2.2 kB IP 172.64.155.188:0
Hash d0be2992c1a67ebe0bcb421ab14bb761
66cecbfb0a17a03f5b0b51269ac03ac3f590e91b
b6ff2f83e086ca46fd42382f0d256d259651545c6026b2b769aaf2843de722f0
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 10:51:43 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 22:12:16 GMT
Expires: Sat, 17 Sep 2022 22:12:15 GMT
Etag: "66cecbfb0a17a03f5b0b51269ac03ac3f590e91b"
Cache-Control: max-age=600975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1523
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749816ebe8b50b69-OSL
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lgmvELXszVk/hUjQeBHp3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E9ESpNFkuWl2ggXycOkVDUm38fU=
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1665056e95362811b8face0716feff31
42ed2dc9b5ee9d78abe3e917f585a85a9241d67e
67b1894f1123cdbecd3c9fa7d4ece3d1bf953e4e93b1d9b7a57b11948eaa1680
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 10:51:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 06:59:04 GMT
Expires: Fri, 16 Sep 2022 06:59:03 GMT
Etag: "42ed2dc9b5ee9d78abe3e917f585a85a9241d67e"
Cache-Control: max-age=331039,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749816ebf9a8b50c-OSL
cfspart.impots.gouv.fr/templates/images/Cadenas.svg
145.242.11.27404 Not Found 2.9 kB URL HTTP/1.1 cfspart.impots.gouv.fr/templates/images/Cadenas.svg
IP 145.242.11.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (323)
Hash 31c8c7c86c2a6814948044e8714acddb
49cf9783f5f57a2a843a141c27bed79f54a5c2aa
8254c9ce56497ac4e9e296b9b8d35cccde8872e5961de17b7b7bb65d8c2cf1db
GET /templates/images/Cadenas.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ts.hust.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 10:51:43 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Tue, 19 Mar 2019 06:51:48 GMT
ETag: "23107-b72-5846cf068a2a8"
Accept-Ranges: bytes
Content-Length: 2930
Via: dpapusx041
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/2.gif
202.191.56.152200 OK 2.9 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/2.gif
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type GIF image data, version 89a, 138 x 25\012- data
Hash b9363117057844b4d4df68840ac836c5
edacc659123f8f10cc8e1142b32c8eb479a89aca
90c6cafd16686949db04068e896ed28ad5a7d04219184cdeca2c1f0c9954ddf3
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/2.gif HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/gif
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-b32"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/1.gif
202.191.56.152200 OK 2.8 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/1.gif
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type GIF image data, version 89a, 124 x 28\012- data
Hash d23a7a551c4f41da8f63558ff800badb
107d8d01b8f1ebeda638eda3f6f9521babe5b136
8a47b98fb782f38188433d8e3ba526d7dcf2c91e30c322219530700ae5b26472
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/1.gif HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/gif
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-afc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/Logo-Marianne_impots-gouv-fr.svg
202.191.56.152200 OK 23 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/Logo-Marianne_impots-gouv-fr.svg
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1263)
Hash 0369d85cd8ed14ce5be2744ee2eb52d2
d78644594cb8c29bf7ab61209fcea528b6d1aff7
c608999ad33b3f1e7df1b0e00638b1f821f3002e4ea2d27a6bd9aec400b6756a
Analyzer Verdict Alert fortinet Phishing
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/Logo-Marianne_impots-gouv-fr.svg HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/css/autentification.css
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-13d96"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/11.png
202.191.56.152200 OK 2.7 kB URL HTTP/1.1 ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/11.png
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 551bf11f4a2b46fa26ebe97eb29364f6
b7ddf259df5840d59e46b111d2cf77d2787f015a
22ff38ce84d220afbfb3c1577fbac963d1d53b8a49123a2583fb66f4d67eb176
GET /vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/templates/11.png HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
Cookie: XSRF-TOKEN=eyJpdiI6IlFHZUFEcE1lVUozTDhZR3k5SnNGbEE9PSIsInZhbHVlIjoiN2pJM3B3bitWNEZXTlhBWVp5ZXJPaWlHK3FjMUQ3QlE4dDd3eEJ6XC90bDBRR1pPakhJZkVnMEV1SUhEZGxHaDl5RGF6QzVmcXJoZ3d0TkMyOG1lRHRnPT0iLCJtYWMiOiJkYThlNzg5MmZmODhlNjNjMzcyMTRiNGY3OGI0ZmZhOGVlMDA1Y2ZmZWZlMzZhNGU3NDNlNDkyZWU1ZGE1Zjk3In0%3D; laravel_session=eyJpdiI6IjhiQjFOUWFVK21WRVwvRytFUVEzKyt3PT0iLCJ2YWx1ZSI6IlwvVEI2d0ZxeHZPVmQ4WlAxNGhmWTVmR0x5VTVQVzlVc0l2WlF0TmZuK25oRHNRcmN1NVZaTlZSRnF4VkRDSGNwTXkwYzZ3OFFEZkhrVXpobUVmKzRWUT09IiwibWFjIjoiODNhZmVkOWE4NDIyNjUxY2JhYmQ5ZWZkNTQzY2Y2NWVjYWYxMDgzYjU1YTQxZDlhMGYyNTQyYTVlMGI4M2ZmYSJ9
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:51 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jun 2022 23:51:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"62bb940c-a9f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12522
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 10:51:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12522
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 10:51:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12522
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 10:51:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12522
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 10:51:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12522
Expires: Mon, 12 Sep 2022 14:20:26 GMT
Date: Mon, 12 Sep 2022 10:51:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 25969
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 47393
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 74737
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7407173746b961cba0f774536bdc5406
7c8363a01b498ae9299a9205d779499f00a477b4
4dc901dfa6637f4e2205813f7b62938a6c1c45577bb1eff8b22bc2c391d54759
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f86a13b-1b13-4298-8397-2a35d951a8f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8461
x-amzn-requestid: 8f7492c7-ae65-4dd5-8ee9-85a2e2fc80dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLVAaEt3oAMFcnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631acecf-2db2074c53de3db23380767b;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 05:27:43 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: m0cnQ1kABQEYadt_zivtyeY8Uow9N1S8kDio2jooE9h7u1oh6u_ANg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 16:51:54 GMT
age: 64790
etag: "7c8363a01b498ae9299a9205d779499f00a477b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 46564
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63d953ea7dce676e8b1c6fcab9f8eab7
5a359aed379e554c5c9885cc8f7a3bff7447d246
428029d6b65a52758df9fd8cb284df83ca4685031126b0ab5b60764a3e2d1a27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb54538-5f31-44e8-8743-582e31d384e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5709
x-amzn-requestid: 747b7be7-356b-4a9e-9869-4b8f71e66f53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YMl6sHaoIAMF2lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631b5044-0c6b0f57046b79cf56ecbf39;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 14:40:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WbzMgteMd5CxXXK6sARu-n39xAWcZiYHgkR2TCg2aNbzEXcaxS-TZQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 23:26:14 GMT
age: 41130
etag: "5a359aed379e554c5c9885cc8f7a3bff7447d246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ts.hust.edu.vn/404
202.191.56.152200 OK 0 B IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
GET /404 HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjZ2RXdITmZ3MGJUaStYb2tjSzlTMEE9PSIsInZhbHVlIjoiRXB3cVZCN0M3MFAxVWRoWUMrckpLTzJZeU5CRlhXa3hEbHFcL25YZkRDeVBtZVNFVXNQdE5Wd2xSRzd5YVA4VlZKaE1KZmk5aStMYWs1REZKZTdTVlZBPT0iLCJtYWMiOiI5Y2I2ZmJhMTVmNzgxMTliNzNhYWMwN2QzY2M5NzZlMDc5ZmU4N2RmMDg2ZmM3ZTQzN2JhYzQ3MWZmMDU2YTk5In0%3D; expires=Wed, 12-Oct-2022 10:51:51 GMT; Max-Age=2592000; path=/
laravel_session=eyJpdiI6IkZiWlhUU3RnWTRvd0J2MCtOS3FrZXc9PSIsInZhbHVlIjoiZTVqdnc2T05WbjJMRXJoUkdEUnpUT3k4a282Y3J5QkNybnphcXlcL1RlSzlpeEk0SUlCRmd3d0k4WEFuVmY5MER2MXdxWUVHR1pnNzVMRVpySlwvVDQ5dz09IiwibWFjIjoiZjJlMTI0NDVkMGQ2Y2RlZWI0ZWY3Zjc4NzRkMTk3ZTJkNzJlODM5MjY5YTFiNDU4NDlkNDVhMTEyYzQ0MjJkMyJ9; path=/; HttpOnly
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/404
202.191.56.152200 OK 0 B IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
GET /404 HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImJvMFQxSzhcL1JkbzlLWkcxWXpEUjRBPT0iLCJ2YWx1ZSI6Ik5od0pVNWtrcXVpOG9aR01rNndvM1E2TVIyZGlQRVdUbXNMU2l0Ulh2VkJcLzhiVDB1UVpYeVAxXC9VeWgyd3ZsM1wvMEF3U2JDRFwvNFNsTEZMZWNiVnBtUT09IiwibWFjIjoiNGNhZTI2NGEwMzhkYTQ3MWQ2NWU5ZDQ2YTEyODAzOWQ1MWFiNWFiMDBhNzc4OWQ2NmY2YzRjZTYwMDJiMzZkNyJ9; expires=Wed, 12-Oct-2022 10:51:51 GMT; Max-Age=2592000; path=/
laravel_session=eyJpdiI6Im8xQ0dSRjJlV3Zlakc4U2ZcL0I2cFd3PT0iLCJ2YWx1ZSI6IjZkS2dMMk1vSGlMT2c1NllnRFBvRkY1QlNNRnd0RlBsaFlGNWs5XC9IYUNXSUJMWkdGRFBOejAybFB2Y1ExeVZyVXNLVGpCdUNodzdCZFBtQTRSYnVGQT09IiwibWFjIjoiZTUyY2UyYjgzNjU2MjE4OGIyZjkyNThjZGNkMjY3MTIxZjBiYTNiOWQwZjBkMzJhNmUxYjU0ZDYzMmJjMTQ1YSJ9; path=/; HttpOnly
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/404
202.191.56.152200 OK 0 B IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
GET /404 HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkRPRTU5dkJEVnV6RE9EcVFWMkNsK0E9PSIsInZhbHVlIjoia2RcL1dweG5tT1FtZmdYTTQ4TjkrUGdOdVdva1pXK042UVNsVDdRQ21EdHBUc1ZIZzUzd2ljQ0tXZnlJa3hXTEMzeDRwZ2xlOXJ0MmpXS0xKeVVzM0F3PT0iLCJtYWMiOiJhYjJjMDIwYWFhYmIxN2IyMjJiZThmOWRiY2FjZWU2YjgyMWMyZDNmZGUyM2JlZWI5ODAxNGZmMzIwNzdmZWJjIn0%3D; expires=Wed, 12-Oct-2022 10:51:51 GMT; Max-Age=2592000; path=/
laravel_session=eyJpdiI6Ijl4MjVzRks4NFFKUEhoUXltUUp1MUE9PSIsInZhbHVlIjoiaEJOaEI1Y3JuOU0ycmJHZVhsTHdQUUhwTzdPR3hzem9nc3ptb1BPM29HYkg3eUdzWDBPQnp1VUt0THdCNDREOGFsazNzZDNpeno0MkxqZ1dla2xYUkE9PSIsIm1hYyI6IjNiODBmYWNkMGYyMzIwOTc2MzVkZWZlMmM4YTBjODM0NTUwNjlmZDJlNDk2NTBiMzhhOGZjY2EzY2QzMThhZDYifQ%3D%3D; path=/; HttpOnly
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ts.hust.edu.vn/templates/images/Miniballs.gif
202.191.56.152302 Found 0 B URL HTTP/1.1 ts.hust.edu.vn/templates/images/Miniballs.gif
IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
GET /templates/images/Miniballs.gif HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, private
Location: http://ts.hust.edu.vn/404
ts.hust.edu.vn/404
202.191.56.152200 OK 0 B IP 202.191.56.152:0
ASN #38727 Ha Noi University of Technology
GET /404 HTTP/1.1
Host: ts.hust.edu.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ts.hust.edu.vn/vendor/jeremeamia/ts/fonction/009874-8575756-7565746-875646001/impot-bnq/f7ccb5cf014b6690e7d5/sms1.html
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Mon, 12 Sep 2022 10:51:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IitTY1VLNGFTV0ZUVTM3OGlzYU9BQ2c9PSIsInZhbHVlIjoiYWVZM0lJYmlQRFpsSW05ZmpTam9KMk1OeExVbG1DK0ZEYUZ5OEdLZGlaSkxVXC81ZFh2VFFhQWtHVG1GYXNXVmswdGo3REljVXJQK2dKV21mUE85SlFRPT0iLCJtYWMiOiIxZjA0ZjZjOGZlODUwNTQ1MmI1ZWYwMzNiMjVhZTZkZDYzYzNhNWFhNmY4NzZmMzRiZjE2YWMzZDQ4YWI4ZTJmIn0%3D; expires=Wed, 12-Oct-2022 10:51:50 GMT; Max-Age=2592000; path=/
laravel_session=eyJpdiI6IlVNRnNFZkRQNlZJOTdCT09TOFR6Vnc9PSIsInZhbHVlIjoieHljd3NOV1VGUGVzSCt1RHdMSEVHUlBUaWFoT1dkVXBNSzZhZGpVbjVOZmRHeUt5T1VDQmxKRjVrNllJY0FheUJjRDUrYzltcGxFcXIzemRWWE5Ic0E9PSIsIm1hYyI6IjE2NTYzOWVhMDliOTkzMDkyN2FiMjA3ODE2YWM4NDgwOWJhZjI3MjY5MjkxN2ZlMGM5MmRjNTg0NTdhZjAzMTEifQ%3D%3D; path=/; HttpOnly
X-Cache: HIT from Backend
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip