Overview

URLxaydunghoangtu.com/
IP 112.78.1.150 (Vietnam)
ASN#45538 ODS Joint Stock Company
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-23 04:10:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-22 05:40:51 UTC 34.117.237.239
xaydunghoangtu.com (27) 0 2020-09-23 07:24:40 UTC 2022-11-23 00:09:36 UTC 112.78.1.150 Unknown ranking
scontent.ftbs5-2.fna.fbcdn.net (1) 276980 2019-06-18 14:37:08 UTC 2022-11-22 15:50:32 UTC 213.157.214.17
scontent-arn2-1.xx.fbcdn.net (5) 58958 2015-12-21 23:31:41 UTC 2022-11-22 07:17:15 UTC 31.13.72.12
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-22 13:57:07 UTC 142.250.74.10
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.200.107.47
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
scontent-arn2-2.xx.fbcdn.net (1) 87860 2018-12-13 19:32:03 UTC 2022-11-22 07:21:16 UTC 157.240.194.27
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-22 05:47:51 UTC 34.102.187.140
www.googl-e.top (1) 0 2020-03-16 06:14:06 UTC 2022-11-22 05:15:49 UTC 149.28.250.63 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
i.imgur.com (1) 5110 2012-05-21 08:09:36 UTC 2018-08-28 18:45:07 UTC 151.101.84.193
fonts.gstatic.com (6) 0 2014-09-09 00:40:21 UTC 2022-11-22 13:10:15 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
static.xx.fbcdn.net (12) 661 2012-12-01 13:12:13 UTC 2020-04-26 08:40:46 UTC 157.240.200.14
video-arn2-2.xx.fbcdn.net (6) 200535 2018-12-13 19:33:18 UTC 2022-11-22 11:29:30 UTC 157.240.194.21

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-23 2 www.googl-e.top/I Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 112.78.1.150
Date UQ / IDS / BL URL IP
2023-02-04 00:14:44 +0000 0 - 0 - 11 chart.giahungtrieu.net/ 112.78.1.150
2023-02-03 04:02:24 +0000 0 - 0 - 2 api.giahungtrieu.net/ 112.78.1.150
2023-02-02 04:03:59 +0000 0 - 0 - 137 bikkviz.com/ 112.78.1.150
2023-02-01 07:36:06 +0000 0 - 0 - 3 bikkviz.com/wp-admin/NyT44HkVg/ 112.78.1.150
2023-02-01 00:58:39 +0000 0 - 0 - 3 bikkviz.com/wp-admin/NyT44HkVg/ 112.78.1.150


Last 5 reports on ASN: ODS Joint Stock Company
Date UQ / IDS / BL URL IP
2023-02-04 00:14:44 +0000 0 - 0 - 11 chart.giahungtrieu.net/ 112.78.1.150
2023-02-03 08:27:15 +0000 0 - 1 - 0 himlamnewstar.com/ 125.253.113.106
2023-02-03 04:02:24 +0000 0 - 0 - 2 api.giahungtrieu.net/ 112.78.1.150
2023-02-02 13:58:42 +0000 0 - 0 - 3 www.northernaurora.vn/media/fer/ 125.253.121.131
2023-02-02 04:03:59 +0000 0 - 0 - 137 bikkviz.com/ 112.78.1.150


Last 5 reports on domain: xaydunghoangtu.com
Date UQ / IDS / BL URL IP
2022-11-27 03:31:45 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150
2022-11-23 04:10:39 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150
2022-10-27 00:10:07 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150
2022-10-10 04:11:55 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150
2022-10-06 00:10:15 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150


Last 2 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-27 00:10:07 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150
2022-10-10 04:11:55 +0000 0 - 0 - 1 xaydunghoangtu.com/ 112.78.1.150

JavaScript

Executed Scripts (73)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (94)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16983
Expires: Wed, 23 Nov 2022 08:53:30 GMT
Date: Wed, 23 Nov 2022 04:10:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6282
Cache-Control: max-age=115530
Date: Wed, 23 Nov 2022 04:10:27 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:15:57 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12929
Expires: Wed, 23 Nov 2022 07:45:56 GMT
Date: Wed, 23 Nov 2022 04:10:27 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 04:09:27 GMT
cache-control: public,max-age=3600
age: 60
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: SFsb08kqMZSjP4EsyqlXqgIr12EUvnScyXDSUnv0MqFdjZDwz8u4LN/dNd+ZTFNT3vAQd7JzVN0=
x-amz-request-id: H9XS7T5BZX4AH5B8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 03:39:50 GMT
age: 1837
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:27 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         112.78.1.150
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Wed, 23 Nov 2022 04:10:28 GMT
Content-Length: 303
Connection: keep-alive
Location: https://xaydunghoangtu.com/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   303
Md5:    9ac948cfdc36545bd262570c6bd19a6c
Sha1:   9cfd48eab729347e588f3383b60085e3226fc80f
Sha256: 762e71a4d54872e1eb8c3400c0bb5ef82ee6edcc5bff9e1051b6935cd1727273
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 03:11:11 GMT
cache-control: public,max-age=3600
age: 3557
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4549
Cache-Control: max-age=108736
Date: Wed, 23 Nov 2022 04:10:28 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:22:44 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4F14EEC518814EA3182DBB93C0A7FB75A540D96C1AFF0CE8F44D7700274EE9F9"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21526
Expires: Wed, 23 Nov 2022 10:09:14 GMT
Date: Wed, 23 Nov 2022 04:10:28 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w56TVpFZnR9CIxZWatm/QA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.200.107.47
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jyu7uyNNTYQw50X9EtCuX5qePyY=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12244
x-amzn-requestid: a01b2328-438f-4d94-94e2-77d5a44d4d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jGjGqsoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787ef6-094db925714fac2c71bc2679;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: q-ciGssIUXEi_5vn91CqzSGSBlnrszvDBewZYBdFrywPvpWHSWH0lQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 18839
etag: "5404be7e1fff033a5cccc15164d77b7e96a48a81"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12244
Md5:    1387520c00b2ce57c6e49fd89afbfe83
Sha1:   5404be7e1fff033a5cccc15164d77b7e96a48a81
Sha256: 2f0fe787a2b2da38cf134a08dc4addf281e6f96761df33780b1a74d037573d58
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8128
x-amzn-requestid: 0ba11562-ea07-4058-8d6e-ac079ce63ab0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCNLcEtgoAMFVVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8f15-3079e77022f090b112ae1804;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ymhH-B1HNHKAFHs6-zOa97ehcX4h1lV0ZLgVMoKNIdWfMpYQzy3g4w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:26:08 GMT
age: 2661
etag: "3648297257e246e7ec4541fef1ee549523c04f02"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8128
Md5:    3aa134e9259a4f258a832e223bcd5825
Sha1:   3648297257e246e7ec4541fef1ee549523c04f02
Sha256: 3abcd9f270d477b813f145b6c6ccc6c881c705a05976627762db58c4a1f4b76a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 21673
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9138
Md5:    6d2c986e076309d51d199332caebb07a
Sha1:   343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
Sha256: 64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _j5ykGwKHIQEFLyuJK_OMvs-CsCvkUQhZc_YD8gAtbyOECQ894zvjw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 05:19:29 GMT
age: 82260
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11249
Md5:    481c033b9ffd030ff0de6e35cf788b47
Sha1:   85d3baad9217af2b5d75c019d2ef95dbb919a788
Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 22421
etag: "dff12e88a784a954012f257d3689862c52251d01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8081
Md5:    309227dc1b5f9193c6be8f5a010fa348
Sha1:   dff12e88a784a954012f257d3689862c52251d01
Sha256: 2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mpgJn1_loQQQ8CMtSWPy1hYUI5IyYpb2OdU1ycqP-v6AGNlMq4PG-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 18839
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6910
Md5:    21fc9852ed2db17695d7038195b9283f
Sha1:   cda806d600c9e63e50d8ec42549fb107e4915068
Sha256: 55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
                                        
                                            GET / HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:30 GMT
content-length: 20795
x-powered-by: PHP/7.3.5
x-pingback: https://xaydunghoangtu.com/xmlrpc.php
link: <https://xaydunghoangtu.com/wp-json/>; rel="https://api.w.org/", <https://xaydunghoangtu.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://xaydunghoangtu.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17311), with CRLF, LF line terminators
Size:   20795
Md5:    2296d09d5c4648afa50e9e8f8e369722
Sha1:   4153d4dece4404cd4adc9a00af77ad57029c012b
Sha256: 7b6e4f549a484306b9679a0d52dabb5329d75ff85e3a60e910d1575be4e93c6b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v8TniL3.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Tue, 06 Sep 2016 09:27:17 GMT
etag: "4dd8a1adce2e600f1102391c34a0dbac"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:10:31 GMT
age: 4828908
x-served-by: cache-iad-kiad7000082-IAD, cache-bma1628-BMA
x-cache: HIT, HIT
x-cache-hits: 14077, 1
x-timer: S1669176631.299148,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2847
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size:   2847
Md5:    4dd8a1adce2e600f1102391c34a0dbac
Sha1:   a148737ab4ee3cfc830a4cc57a71ad3aac5eda89
Sha256: d33e3b60894e808e93338eab672097fa142110ecdb9245628457b703da41dae4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.9 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 53907
last-modified: Fri, 25 Sep 2020 03:48:14 GMT
etag: "5f6d687e-d293"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27100)
Size:   53907
Md5:    2e7e1d1c1d4d446a1b6b63295757d859
Sha1:   27a1d9dcbdc4aff486016b5c9f3ece6ad0c028c1
Sha256: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 1920
last-modified: Sun, 20 Dec 2020 03:34:01 GMT
etag: "5fdec629-780"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1920
Md5:    a2e915fb21387a23a3578cb1b2b5a724
Sha1:   c3601301dacf90fc9eede9363f2698d922c05327
Sha256: fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
                                        
                                            GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 161
x-accel-version: 0.01
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "148-5a6766bc55700-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (327)
Size:   161
Md5:    b99e67fe7419c667a1d0236a1823a1f6
Sha1:   6e8bf1cbcac35ea75637be52099b2de73dba7c7d
Sha256: 38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7
                                        
                                            GET /wp-content/plugins/wp-phonering/css/style.css?ver=5.5.9 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 15318
last-modified: Fri, 21 Sep 2018 05:02:54 GMT
etag: "5ba47b7e-3bd6"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1358), with CRLF line terminators
Size:   15318
Md5:    74dec19089b1713e9d9467560de6bc8e
Sha1:   1c01b0589ec2b3c57bc3bf4f07448c89daf3f36d
Sha256: 9069a5b2cdcb61f6ec49c89053847735a391389e480f562daf53445073266d7b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED4AEC411FD30D5459779FC073EAEA80295660F194480496DF7595DF8A3CC8BB"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 10:10:31 GMT
Date: Wed, 23 Nov 2022 04:10:31 GMT
Connection: keep-alive

                                        
                                            GET /I HTTP/1.1 
Host: www.googl-e.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         149.28.250.63
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 17035
last-modified: Wed, 18 Aug 2021 04:41:45 GMT
etag: "611c8f89-428b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17035), with no line terminators
Size:   17035
Md5:    8ead1abffcb03bd2e99e87fd66d5e0f6
Sha1:   f3d6cca4696e79afac7a89770c9b522a8cc1a7f2
Sha256: d0af3b3dd25f98e931a4f45f126cc93fdef0edc92c20281d7e5b28e9419d046f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/noi-that/style.css?ver=3.0 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 224
x-accel-version: 0.01
last-modified: Fri, 21 Sep 2018 05:02:54 GMT
etag: "12d-5765a8d575b80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   224
Md5:    eeeef5cab0f3ab11703e783a4b38f6e3
Sha1:   ca35a26565914c43e71fd88dff98018676b2bb7d
Sha256: 555e047b9efcdde1271be3083141cabe42c805e471f4c9d96be3289afe854a06
                                        
                                            GET /wp-content/plugins/contentprotector/js/jquery.watermark.js?ver=5.5.9 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 9332
last-modified: Fri, 21 Sep 2018 05:02:54 GMT
etag: "5ba47b7e-2474"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   9332
Md5:    f9d4fee139f7f3d213f2fd6347358d48
Sha1:   34d7d930f0384edd1f59dcf5a967e7b316c0bb9a
Sha256: bddc0dc58f470d12ff00cd65e0ed9a5a2ccd6704a796649fa5f2784f6fe61c75
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 14280
last-modified: Sun, 20 Dec 2020 03:34:01 GMT
etag: "5fdec629-37c8"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   14280
Md5:    f89263c0c2f24398a1df52eead69f5f8
Sha1:   850e9cfb1680eb1df4365889724e69f38df7bb9e
Sha256: 125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
                                        
                                            GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 1122
last-modified: Fri, 16 Apr 2021 21:52:24 GMT
etag: "607a0718-462"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1087)
Size:   1122
Md5:    1cb41e780b9b6dbbf6ea0a3882da09de
Sha1:   9603305218e09c3c10be9a95b0ef8c7eaa5245ed
Sha256: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
                                        
                                            GET /wp-content/uploads/logo.png HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 5148
last-modified: Wed, 21 Oct 2020 03:22:52 GMT
etag: "5f8fa98c-141c"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 286 x 75, 8-bit colormap, non-interlaced\012- data
Size:   5148
Md5:    74a76fb801c01822da2c350d432b5b11
Sha1:   4a7f041177b1850fc275c9d8472ccc2331517d9c
Sha256: ec844cdf7af0406e55951ed981a8f3823d343cc2bbfb1e516ced0f2012d31e2c
                                        
                                            GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.11.3 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 2355
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-933"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2355
Md5:    30bef76f6c5678740a4b7c4b1e0ca3b5
Sha1:   df55c00da88a6345d1b91bf64eb6fd3d144120c0
Sha256: ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 96873
last-modified: Sun, 24 May 2020 14:24:14 GMT
etag: "5eca838e-17a69"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96873
Md5:    49edccea2e7ba985cadc9ba0531cbed1
Sha1:   f8747f8ee704d9af31d0950015e01d3f9635b070
Sha256: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.5.9 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 1426
last-modified: Fri, 16 Apr 2021 21:52:24 GMT
etag: "607a0718-592"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   1426
Md5:    905225d5711b559d3092387d5ffbedbd
Sha1:   6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
Sha256: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.9 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 14229
last-modified: Fri, 16 Apr 2021 21:52:24 GMT
etag: "607a0718-3795"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11272)
Size:   14229
Md5:    878184c5d285d4d52d926d36ef19b718
Sha1:   dd260ffe0f8e3f38f58efd23cac8a1e5c788dad9
Sha256: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
                                        
                                            GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.11.3 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 137381
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-218a5"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   137381
Md5:    6a2aef4f091830213dce3fb463577396
Sha1:   6a8513f28a8d4667a4ccb18d339d99675eaae256
Sha256: 46f0b12040dc9b4012bab1dfb8e021276c3abd1508ebfd7bbe117eb4e4842147
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1720
Cache-Control: max-age=103745
Date: Wed, 23 Nov 2022 04:10:32 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 08:59:37 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 549384
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:36:26 GMT
expires: Thu, 16 Nov 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 549246
last-modified: Wed, 11 May 2022 19:24:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Size:   5560
Md5:    ca3b09b62fda648a4511700413313fd0
Sha1:   109cd4c5435bd6614391bb8722c47c287c96b2ec
Sha256: 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/pattaya/v12/ea8ZadcqV_zkHY-XBdmt9lZE.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:23:08 GMT
expires: Sat, 18 Nov 2023 23:23:08 GMT
cache-control: public, max-age=31536000
age: 362844
last-modified: Mon, 09 May 2022 18:41:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27628, version 1.0\012- data
Size:   27628
Md5:    642a3c33ce6ce8e988fa22bec8080a4e
Sha1:   1086d0d895f42f92803fc0dc9291e18ded02cbd7
Sha256: df374f09dc3ab5a1e6946b5008a073c15893325e9389c694d2aeb3707645f5a6
                                        
                                            GET /s/pattaya/v12/ea8ZadcqV_zkHY-XBdet9g.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 17:04:27 GMT
expires: Fri, 17 Nov 2023 17:04:27 GMT
cache-control: public, max-age=31536000
age: 471965
last-modified: Mon, 09 May 2022 18:41:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 28456, version 1.0\012- data
Size:   28456
Md5:    34cc6407abc92c582808c68d94a42789
Sha1:   1943f3e519da0b48e4b3d9db8b0717dad14d34bf
Sha256: f0faa7c8751a05b3c5db21846b5385fc3f3539b606019544da361422b3a8cf33
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:35:48 GMT
expires: Thu, 16 Nov 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 549284
last-modified: Wed, 11 May 2022 19:25:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size:   11872
Md5:    87ace20058325aa069320aa4af875dff
Sha1:   b743548770c46d905ae1ba06310bc001c587fe8e
Sha256: 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1720
Cache-Control: max-age=103745
Date: Wed, 23 Nov 2022 04:10:32 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 08:59:37 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11
Cookie: HssSb3942757=6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:32 GMT
content-length: 6324
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-18b4"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 6324, version 1.0\012- data
Size:   6324
Md5:    d9356327d9a0b9b2e0b6463bf4de84fc
Sha1:   299377cf02818146da634c8a3bec142e070d365c
Sha256: c668ae222955eab81e26e7ce6293f4b7a7cd1f9febe475038cac0af6d11975e1
                                        
                                            GET /s/pattaya/v12/ea8ZadcqV_zkHY-XBdit9lZE.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 07:47:37 GMT
expires: Sat, 18 Nov 2023 07:47:37 GMT
cache-control: public, max-age=31536000
age: 418976
last-modified: Mon, 09 May 2022 18:40:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13132, version 1.0\012- data
Size:   13132
Md5:    9841cdb373efb391dbf2255e8c36f5a8
Sha1:   df7986195c674ac305701758e98b557760417cbc
Sha256: 783bf68cbf16c5cac123c2f17ff7d11f263b04be308bebae13977db8fda7f6d7
                                        
                                            GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:19:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: Q4SZcgQTAabjDzD2+gKJKr6ziyQ06wHv6vn8mmXB0+kuQdjy3wTVMUID0BmzHL5OAwJkzyKxHBk01s8b/V0KbA==
content-length: 1657
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1984)
Size:   1657
Md5:    16f083b23b565db9d2f20d1ad75933c1
Sha1:   6d74ad139c96b1e3fc9d541419788b5b4893ec9a
Sha256: 36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
                                        
                                            GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 03:18:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: m+BQtPjWNbih3NkPDP8aeJSIVnefnV7FgVfmHv1ottnMxuFQ7O9P70HznPCRDJbEWaZVpMfMOPytg5/OtxyEfQ==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5542)
Size:   12369
Md5:    0765d76d746716156d53d36ee6f80836
Sha1:   17e1546f87cc6417615caa10dcbbcb699c59471a
Sha256: f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
                                        
                                            GET /rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 01:47:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dzRxGBVHgZIJak35Crv6AQ==
x-fb-debug: mYoF2e1P7ghRejAJM02fWCgsd/dKefl60w4VqfDDrjYuscIKYr1aETRoBdkiOe/ue4siFzhXwZHQTDNWyiHklg==
priority: u=3,i
content-length: 8360
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2905)
Size:   8360
Md5:    7734711815478192096a4df90abbfa01
Sha1:   ea16129c6f54227d9d01bf3421e68863e75ffd7a
Sha256: 22cf4b88ca3b9208f44974e02dc6f784021871877121c7d03b310d7264ced0e3
                                        
                                            GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 12 Nov 2023 16:49:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: K+vakdudtTdQF+msD/lkaUE6a2YRi6isCJuPTc0LNd9e9IlBt8LCzbYYbinXlIPe0wHMqStwCkhFMju4cwxNKQ==
content-length: 8748
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9885)
Size:   8748
Md5:    71e8e93b5e55f2010013b0814f4e3ae5
Sha1:   4732ba3acc539a0e9ff12d08c1b5a16f535bd594
Sha256: b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
                                        
                                            GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:19:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: 7xJriGHNsmB5/T1Cwg2g4hhrlkKi0N3SIxzE4Uhhymx2s/s5WJwHZaYdliFwpRkCZST+OzT4OECl4om6NStC4w==
priority: u=3,i
content-length: 16262
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (8741)
Size:   16262
Md5:    dfb29285817fca7b068ba0ec98aa2392
Sha1:   78cd49585da28a245a096781c8e0fada59cf2b72
Sha256: 2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
                                        
                                            GET /rsrc.php/v3/yN/l/0,cross/rpeMW_reP7a.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 21 Nov 2023 16:56:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: shQ7D8/kml/ss900FNzuvQ==
x-fb-debug: oJH5Z9GK1hwo8ptkgSnLyGB4CPpuZSKkTRzWVNZuqiu96Vv+KxNQ9gGDVeJAnAYkFehVeJVkov93xkZ8ws7LQw==
content-length: 4323
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4431)
Size:   4323
Md5:    b2143b0fcfe49a5fecb3dd3414dceebd
Sha1:   2126f221b98f84ced41561752c42fa1ce809610f
Sha256: d282d9db4fd4faddbdc947b13c3f34173b3efceeeaec3ca47a9a112037a6c7ef
                                        
                                            GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 10 Nov 2023 14:53:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: Zp1wPiIBW0tAEDCzIG+C15SNLQZuFBAuL7eGPEZ2EcUv1w5gNg/KYnLzpL+Ik9U2mzu8iznakPOFiuJ0CwtpxA==
content-length: 338
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (327)
Size:   338
Md5:    76f593e842677f73cd0a06232874b2c3
Sha1:   25a13f79478d5a0e286a2299dca2f3b296463079
Sha256: 74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
                                        
                                            GET /rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 12 Nov 2023 16:53:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: MFGQDQOmV927ya+orBHNvQ==
x-fb-debug: 9DqJHAPrdMDmypf/NoQ+1HoYyKVzMkLtJvbIXR4QOJOOPFwO/mdx3WsOTc4adiwZRn2JRwyloMqLbifzUc1b+g==
content-length: 23455
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (42048)
Size:   23455
Md5:    3051900d03a657ddbbc9afa8ac11cdbd
Sha1:   557f26734897e137a6678f6d2a81672fc6a34ad2
Sha256: 038035ce01be57324c7e251c8834229b4910f27e3a042912fd7276947e5750df
                                        
                                            GET /rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:04:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VxcAtaHo24jV15AHqRC5Yg==
x-fb-debug: NT+M5oXO8pwkIMnEqGwapf+WVRORcDdI9fHky/3paBQ/wwz6CTFWuVr8ViFofTrTwDWDAUG1I14mocRnBu+xzA==
content-length: 7238
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4057)
Size:   7238
Md5:    571700b5a1e8db88d5d79007a910b962
Sha1:   07102cc5f2b19f190830664e1ec6718efb33c011
Sha256: ecccefedaf39e094079b22880aba987993015fbf1b70fd3c63bc57dc10685f11
                                        
                                            GET /rsrc.php/v3/yw/l/0,cross/_RgpdkW75Wy.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 22 Nov 2023 18:06:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VRMR0djlrYmjm6nlouL93g==
x-fb-debug: bTysicilASjDDgG1doKr8u0jPc3z4lDl9nIO6R0cT7UX5QriUXaqp4nMZgWvvDiCANaNDvI8qfoc5Qoh6FSyvA==
priority: u=2
content-length: 3699
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3040)
Size:   3699
Md5:    551311d1d8e5ad89a39ba9e5a2e2fdde
Sha1:   b85188f8308705e9eeedd256a6a42623acf47d63
Sha256: f353f63c8d988fb52108e44527a79f10e05e00340f794c9629ba7e835c6f4099
                                        
                                            GET /rsrc.php/v3/y1/l/0,cross/b9TGs_-VwbF.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 22 Nov 2023 18:06:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: XV2NRSeeBVmUPW2a97kwtw==
x-fb-debug: X4ROC8NP25Ic54F5XX3l9ytzvy0DfEZ3HrvzLsDaG0UugrnVtP2tuMoB7c+oCpPskpXMRV6rx6gufa1GeFInpQ==
priority: u=2
content-length: 1165
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1407)
Size:   1165
Md5:    5d5d8d45279e0559943d6d9af7b930b7
Sha1:   6fd2a6064fd3513425b99ac744410f28d7ba81f6
Sha256: 6eee9c5e3da3e81d758a23614caaf9078776ef4ef73346275d879aa1f945fbf6
                                        
                                            GET /wp-content/uploads/fav.png HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 2835
last-modified: Wed, 21 Oct 2020 10:05:26 GMT
etag: "5f9007e6-b13"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 75 x 75, 8-bit colormap, non-interlaced\012- data
Size:   2835
Md5:    cc0335581d977159824ba2e696868b74
Sha1:   b0998364cd299ffaeea5d071b311237556d25615
Sha256: addc6391fa097b5725125948606dd6ef7bc9f1e9eccf94ce756f5e45eb057919
                                        
                                            GET /rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 16:54:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FR6H049PQl5E2chRya7PBQ==
x-fb-debug: XKYCuFqqNH0kZrgnBK9d939R6pWs+fcIzk26id8p6lRkOvr6n2vQtYYz0yMcJoZ8xMvN0Ztyy0Cqwk+0Rwgf4Q==
content-length: 91088
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18622)
Size:   91088
Md5:    151e87d38f4f425e44d9c851c9aecf05
Sha1:   762111e5095f5354be95b98ad476f6e7161ce6b1
Sha256: f236f289f38c8081b496e0537ed3b2c66822e7a743f5d9d4959f955c64b0b2b0
                                        
                                            GET /wp-content/uploads/sl1.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 26738
last-modified: Thu, 29 Oct 2020 04:26:47 GMT
etag: "5f9a4487-6872"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 870x321, components 3\012- data
Size:   26738
Md5:    41f08d6539bf24181a0054886abe3eb0
Sha1:   018b5649e61fbe0cffc16b3569ad5eae55a82d0b
Sha256: ef0a0030a21b99bdce44582a005fd94d239e6c4bee89a19a21e6f0e9a22eeb84
                                        
                                            GET /wp-content/uploads/mong.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 284832
last-modified: Thu, 29 Oct 2020 04:10:51 GMT
etag: "5f9a40cb-458a0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x622, components 3\012- data
Size:   284832
Md5:    39ce25fdf7dbf46dcbc60d8e5ff7f723
Sha1:   c2ce3a878d8a54a1199330074c29785443a47ff3
Sha256: 3de1db9522d2eef5b0759dd0f19bf54ca8183f3aff6ea5429b8c7a2de0c5117d
                                        
                                            GET /wp-content/uploads/img1-1536x1090.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 251515
last-modified: Thu, 29 Oct 2020 04:27:17 GMT
etag: "5f9a44a5-3d67b"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1536x1090, components 3\012- data
Size:   251515
Md5:    5ea5d899fad2f92b2ec09b073f717c7a
Sha1:   99e01a0a550bde6203063aa7647f896dc26c94ba
Sha256: 305ef9385a102f6b60335cb3f5cb67d83fa0cc82f193deb4ded7c3065506eb4d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3571
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 04:10:33 GMT
Etag: "637d0e67-1d7"
Last-Modified: Wed, 23 Nov 2022 03:11:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/ONG-ICH-KHIEM-1536x2048.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 582259
last-modified: Fri, 11 Dec 2020 02:40:15 GMT
etag: "5fd2dc0f-8e273"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1536x2048, components 3\012- data
Size:   582259
Md5:    2393a6b95ef490ed32bf08f52855985f
Sha1:   ec163fff4f83fa15ecfb32b0b4f36aa5f30cac85
Sha256: ea84029b6dbf4dd86e3fab1b6ab2ab119aef397db55c0c27402c630f3763c9f7
                                        
                                            GET /wp-content/uploads/dang-thi-cong-1.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 270558
last-modified: Thu, 29 Oct 2020 04:00:24 GMT
etag: "5f9a3e58-420de"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x622, components 3\012- data
Size:   270558
Md5:    6831a40cf5afc12f3d0a8c0c360c81e1
Sha1:   15be4e34e2e4c2cf3fe083f2a7db623ce2a3a079
Sha256: 9a17c5a27dbe6d6c757f578bf6236b5b801fcdd6db2e529928baa7b09e2e7824
                                        
                                            GET /wp-content/uploads/NAM-hotel.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 223329
last-modified: Thu, 29 Oct 2020 03:40:10 GMT
etag: "5f9a399a-36861"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 991x1200, components 3\012- data
Size:   223329
Md5:    7455f0490ef9025a66119e9309f05090
Sha1:   6cf4a09d49090d828799a71866f60e826337bd23
Sha256: c12831e0184d37e3cb44bb2a182696f60d02237ca500c24abf0d5735d053f98c
                                        
                                            GET /wp-content/uploads/img1.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 229306
last-modified: Thu, 29 Oct 2020 04:27:09 GMT
etag: "5f9a449d-37fba"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1919x1362, components 3\012- data
Size:   229306
Md5:    7a1d51c4cb62091145dc16cccff6f6cc
Sha1:   ce04bc2b15aacb16db0057be8c7726557435e547
Sha256: e0743be91f0eb52969e92c5d94c81bd8a3f2026b16b1719f68fa3bde26004255
                                        
                                            GET /v/t39.30808-1/248663389_10158541204178553_8011492100387814626_n.png?stp=cp0_dst-png_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=MICSe4lglV8AX85x1Q2&_nc_ht=scontent.ftbs5-2.fna&edm=ANSO7JkEAAAA&oh=00_AfCLMm4vzDjZtvYcK3uWUhWt11rFmzovvMnSlFHs4qNRVg&oe=638272A6 HTTP/1.1 
Host: scontent.ftbs5-2.fna.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         213.157.214.17
HTTP/2 200 OK
content-type: image/png
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 28 Oct 2021 21:41:42 GMT
x-haystack-needlechecksum: 2830878616
x-needle-checksum: 109046106
content-digest: adler32=2101318160
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 1861
date: Wed, 23 Nov 2022 04:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced\012- data
Size:   1861
Md5:    eed6cb6d77d71369f4a8f956e56d9203
Sha1:   bb3ea70519b3686001b32c166023a6131b3525b3
Sha256: 13f1102c83bf42ca9444b1349d0df813fa28d22f74ee7d7fa0bc9fcb553dbe33
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3571
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 04:10:33 GMT
Etag: "637d0e67-1d7"
Last-Modified: Wed, 23 Nov 2022 03:11:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/ONG-ICH-KHIEM.jpg HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-length: 1349938
last-modified: Fri, 11 Dec 2020 02:40:14 GMT
etag: "5fd2dc0e-149932"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x2560, components 3\012- data
Size:   1349938
Md5:    6a5464b262e77a720d42922e60c12774
Sha1:   851ca251014a0a42b6a5b7350b9ac45678e654c8
Sha256: 384d2b213a336190e1ffdeaa42ec1b5f2e242db81ba4b0b3f6de7315745a680b
                                        
                                            GET /v/t39.30808-6/314890194_487568293403511_5506635707078463768_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=8024bb&_nc_ohc=iX2F7sqBT5wAX8z6Stb&_nc_ht=scontent-arn2-1.xx&oh=00_AfDdKpNUiZqps-xiiQmB2BlvTYR57Ly2B-QuWzYUxr0_Zw&oe=63819618 HTTP/1.1 
Host: scontent-arn2-1.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 07 Nov 2022 20:37:59 GMT
x-haystack-needlechecksum: 4219831774
x-needle-checksum: 2763380916
content-digest: adler32=2169749691
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 9795
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 349x225, components 3\012- data
Size:   9795
Md5:    c3904e10477edcd93c0c9f847cc76afd
Sha1:   8e6cc6d88249c5c7463b7139e0c7de63c2a5f7f6
Sha256: 46421b01ae7d4d1c07243709f09800f32264f2c7e36b4ab79f47d67014988bf1
                                        
                                            GET /v/t39.30808-6/315756746_493935039433503_1580501792517664426_n.jpg?stp=dst-jpg_p235x350&_nc_cat=103&ccb=1-7&_nc_sid=8024bb&_nc_ohc=r1uN1MCfnD8AX-51F84&_nc_ht=scontent-arn2-1.xx&oh=00_AfA5V4jRWEehQHVv0Ayai73Zvl_fkiprsv-6aoru3GSdGQ&oe=6382BFC0 HTTP/1.1 
Host: scontent-arn2-1.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 16 Nov 2022 18:57:44 GMT
x-haystack-needlechecksum: 1267590077
x-needle-checksum: 3476616996
content-digest: adler32=3590548135
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 11724
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Size:   11724
Md5:    710146e592c45f8fec75359f2dbf03f4
Sha1:   0cbd11ba99529c9b4e3c2215c9d4fddc333c04ac
Sha256: e608f90409f2b149bae45fc506085f3e10bd69123449ef5fe26bc478163daefd
                                        
                                            GET /v/t39.30808-6/315601592_492388656254808_6925285830766631534_n.jpg?stp=dst-jpg_p235x350&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wbNrLwWnuq8AX8t4peN&_nc_ht=scontent-arn2-1.xx&oh=00_AfBvXUMp5_v4PQZ9KuFStj6JuZqcMCxG_B0Zj_5UZ3D0MQ&oe=63820AAF HTTP/1.1 
Host: scontent-arn2-1.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 14 Nov 2022 17:09:45 GMT
x-haystack-needlechecksum: 2138646377
x-needle-checksum: 3104704882
content-digest: adler32=257247698
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 24954
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Size:   24954
Md5:    457832d85e206931987f1324891414c8
Sha1:   e5c29bfb1b3afe96d42ee791d26da1bc9a922e45
Sha256: 7ade0bbb55bb1ed836fda1430aa420a17cfd5eb392db2798ac3972e8afe44bd8
                                        
                                            GET /v/t15.5256-10/316608472_1505968503239775_5156894989005011548_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=08861d&_nc_ohc=n-GsGkYG2I4AX97S33W&_nc_ht=scontent-arn2-1.xx&oh=00_AfDK5U1Y7W3aYPjkSyy0a-cZnW0DC3yN7ztydazSydyWdA&oe=6381BB84 HTTP/1.1 
Host: scontent-arn2-1.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 22 Nov 2022 15:01:59 GMT
x-haystack-needlechecksum: 3046911788
x-needle-checksum: 810877521
content-digest: adler32=3906005205
content-length: 9806
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
x-fb-edge-debug: G5iHgZIAAGQrc9IJYgBiq7TZYYtweYkI8iZdN02gnUVcD5RvvtLYbQBufzt7DNoSt1dEFC7TAqRTt05PSfEMvONUsG3fM6l_izlJeRes9kA
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x197, components 3\012- data
Size:   9806
Md5:    ecd6e1d82cfe052160ecc0aa58867893
Sha1:   1a35efcff053581a1c723c61618aee2a47127a68
Sha256: ca428396d48c4ba0f0d5aa5232da3ce937e5442de9756133577b7ff194dbfaa9
                                        
                                            GET /v/t39.30808-6/315843460_493080806185593_8217138244123855244_n.jpg?stp=dst-jpg_p173x172&_nc_cat=102&ccb=1-7&_nc_sid=8024bb&_nc_ohc=FuLItmcJRkAAX_3vbZI&_nc_ht=scontent-arn2-1.xx&oh=00_AfCtiBf--4C8IBl2Y_5bYj2C2KI1CstJQZJSOaGL5OsMLQ&oe=63824D19 HTTP/1.1 
Host: scontent-arn2-1.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 15 Nov 2022 16:59:50 GMT
x-haystack-needlechecksum: 1671115695
x-needle-checksum: 4210007317
content-digest: adler32=188126775
content-length: 7019
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
x-fb-edge-debug: JleyWsjgadmoaTT7ZVE8Vpx3PqGRzadHJZqVq4_Gqjl7brjHxambZYC9q6ps88hfZSnCVrVUPZXif4ZGmbvcPmEP3rtECgZNUKcCavwNKR4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 328x172, components 3\012- data
Size:   7019
Md5:    5ac55751b4e23606c9be562bb382504f
Sha1:   c13dfa8dc987bed8117bf65d0974034206885c12
Sha256: faaa60013c2c8e54b99fc0244c9a210711febeb17fc77bd3f1a925ced95c8f2f
                                        
                                            GET /v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=0&byteend=838 HTTP/1.1 
Host: video-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.21
HTTP/2 200 OK
content-type: video/mp4
                                        
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:01:56 GMT
x-haystack-needlechecksum: 0
x-needle-checksum: 1532965953
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1532965953
content-length: 839
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v5 \012- data
Size:   839
Md5:    0b85a03442ecc6b0e1c015b99ece85f7
Sha1:   79f94ae161e90a3768668f6b8b4fc8b95418a344
Sha256: 1f4d4e0f9b10a6505cf9d72e3fd86f94e70b22ec33e1a8e1eeca5cffec757235
                                        
                                            GET /v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=0&byteend=782 HTTP/1.1 
Host: video-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.21
HTTP/2 200 OK
content-type: video/mp4
                                        
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:02:40 GMT
x-haystack-needlechecksum: 0
x-needle-checksum: 272321244
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=272321244
content-length: 783
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v5 \012- data
Size:   783
Md5:    9731e131852488c4d429cfe261a7be5f
Sha1:   1b65abcadd1433bb518a6080076c4bbe993d0829
Sha256: b165cc34f2368dd13bd99c1a73a776340c6c8b7d7a6df49116ea547fc4255f95
                                        
                                            GET /v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=783&byteend=1990 HTTP/1.1 
Host: video-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.21
HTTP/2 200 OK
content-type: video/mp4
                                        
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:02:40 GMT
x-haystack-needlechecksum: 0
x-needle-checksum: 272321244
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=272321244
content-length: 1208
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1208
Md5:    6bd07906be2de217417eceb4cbaa9c5f
Sha1:   bdf570da5d7c5ca12cb5bcdd9ae97fcfb0629d2b
Sha256: cbe09e57bb10352dcd2aa2912bcc782e427077c1450ae78cae59371947c68260
                                        
                                            GET /v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=839&byteend=1338 HTTP/1.1 
Host: video-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.21
HTTP/2 200 OK
content-type: video/mp4
                                        
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:01:56 GMT
x-haystack-needlechecksum: 0
x-needle-checksum: 1532965953
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1532965953
content-length: 500
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=1991&byteend=18610 HTTP/1.1 
Host: video-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.21
HTTP/2 200 OK
content-type: video/mp4
                                        
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:02:40 GMT
x-haystack-needlechecksum: 0
x-needle-checksum: 272321244
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=272321244
content-length: 16620
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Maple something\012- data
Size:   16620
Md5:    1d0378818837b558c0a4e50bff9b5fc5
Sha1:   381fbaae9ba02130bb36950ef505ebd33b88773d
Sha256: 55162240d9af4ee3e8fbcbe3e0dabcad877a660a5566825eb29361cb77b4e934
                                        
                                            GET /v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=1339&byteend=646623 HTTP/1.1 
Host: video-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.21
HTTP/2 200 OK
content-type: video/mp4
                                        
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:01:56 GMT
x-haystack-needlechecksum: 0
x-needle-checksum: 1532965953
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1532965953
content-length: 645285
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   645285
Md5:    7efb956b143d9cc5ebe0f9ebc922ee91
Sha1:   26beee5bd53280b1f10deb4972337b25a8e0e199
Sha256: 0b2f7ac8af005be0c004fd6f4adf2d9ac88cccc145f1e2803fdee52225a39208
                                        
                                            GET /v/t39.2093-6/316540121_810899923318003_8692231635028652731_n.srt?_nc_cat=105&ccb=1-7&_nc_sid=8d539b&_nc_ohc=ASqBybF-hYIAX-3Jb3H&_nc_ht=scontent-arn2-2.xx&oh=00_AfD2kZxHOevef-pezon20hI91lg4-VPoeePmNM7EJ6uI5w&oe=63822FC3 HTTP/1.1 
Host: scontent-arn2-2.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         157.240.194.27
HTTP/2 200 OK
content-type: text/srt
                                        
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 22 Nov 2022 15:01:19 GMT
x-haystack-needlechecksum: 3193521733
x-needle-checksum: 675278387
content-digest: adler32=675278387
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=1209600, no-transform
content-length: 5171
x-fb-trip-id: 1904183273
date: Wed, 23 Nov 2022 04:10:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   5171
Md5:    d534904782c04eaa77b96f673e0cecec
Sha1:   eabc4f44bc2e0abc1e9a2c863d93992713668f1f
Sha256: 0faaff606028491b473cf6feb23e750d7b9f6cf5cdf530911b228264b3e497b8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 22937
etag: "663cace8681891ad55943dd0273493aa9474d102"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9766
Md5:    3e8d7af3a5d030774447a0f71c7824f0
Sha1:   663cace8681891ad55943dd0273493aa9474d102
Sha256: 22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
                                        
                                            GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.11.3 HTTP/1.1 
Host: xaydunghoangtu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-length: 171232
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-29ce0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto%3Aregular%2Cregular%2Cregular%2Cregular%7CPattaya%3Aregular%2Cregular&display=swap&ver=3.9 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:10:31 GMT
date: Wed, 23 Nov 2022 04:10:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---