r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16983
Expires: Wed, 23 Nov 2022 08:53:30 GMT
Date: Wed, 23 Nov 2022 04:10:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6282
Cache-Control: max-age=115530
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:27 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:15:57 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12929
Expires: Wed, 23 Nov 2022 07:45:56 GMT
Date: Wed, 23 Nov 2022 04:10:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 04:09:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 60
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SFsb08kqMZSjP4EsyqlXqgIr12EUvnScyXDSUnv0MqFdjZDwz8u4LN/dNd+ZTFNT3vAQd7JzVN0=
x-amz-request-id: H9XS7T5BZX4AH5B8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 03:39:50 GMT
age: 1837
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
xaydunghoangtu.com/
112.78.1.150301 Moved Permanently 303 B IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ac948cfdc36545bd262570c6bd19a6c
9cfd48eab729347e588f3383b60085e3226fc80f
762e71a4d54872e1eb8c3400c0bb5ef82ee6edcc5bff9e1051b6935cd1727273
GET / HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 04:10:28 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 303
Connection: keep-alive
Location: https://xaydunghoangtu.com/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 03:11:11 GMT
cache-control: public,max-age=3600
age: 3557
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4549
Cache-Control: max-age=108736
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:28 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:22:44 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6971e15ce18485b9ee682f2e43116b8c
e1f41860f0d307eba3737e18f4c3e1f3ab77b8ea
4f14eec518814ea3182dbb93c0a7fb75a540d96c1aff0ce8f44d7700274ee9f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F14EEC518814EA3182DBB93C0A7FB75A540D96C1AFF0CE8F44D7700274EE9F9"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21526
Expires: Wed, 23 Nov 2022 10:09:14 GMT
Date: Wed, 23 Nov 2022 04:10:28 GMT
Connection: keep-alive
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w56TVpFZnR9CIxZWatm/QA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jyu7uyNNTYQw50X9EtCuX5qePyY=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16802
Expires: Wed, 23 Nov 2022 08:50:31 GMT
Date: Wed, 23 Nov 2022 04:10:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1387520c00b2ce57c6e49fd89afbfe83
5404be7e1fff033a5cccc15164d77b7e96a48a81
2f0fe787a2b2da38cf134a08dc4addf281e6f96761df33780b1a74d037573d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12244
x-amzn-requestid: a01b2328-438f-4d94-94e2-77d5a44d4d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jGjGqsoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787ef6-094db925714fac2c71bc2679;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: q-ciGssIUXEi_5vn91CqzSGSBlnrszvDBewZYBdFrywPvpWHSWH0lQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 18839
etag: "5404be7e1fff033a5cccc15164d77b7e96a48a81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aa134e9259a4f258a832e223bcd5825
3648297257e246e7ec4541fef1ee549523c04f02
3abcd9f270d477b813f145b6c6ccc6c881c705a05976627762db58c4a1f4b76a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02321462-ee42-483c-b25f-8e011f1a5f17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8128
x-amzn-requestid: 0ba11562-ea07-4058-8d6e-ac079ce63ab0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCNLcEtgoAMFVVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8f15-3079e77022f090b112ae1804;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ymhH-B1HNHKAFHs6-zOa97ehcX4h1lV0ZLgVMoKNIdWfMpYQzy3g4w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:26:08 GMT
age: 2661
etag: "3648297257e246e7ec4541fef1ee549523c04f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 21673
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _j5ykGwKHIQEFLyuJK_OMvs-CsCvkUQhZc_YD8gAtbyOECQ894zvjw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 05:19:29 GMT
age: 82260
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 22421
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fc9852ed2db17695d7038195b9283f
cda806d600c9e63e50d8ec42549fb107e4915068
55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mpgJn1_loQQQ8CMtSWPy1hYUI5IyYpb2OdU1ycqP-v6AGNlMq4PG-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 18839
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xaydunghoangtu.com/
112.78.1.150200 OK 21 kB IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17311), with CRLF, LF line terminators
Hash 2296d09d5c4648afa50e9e8f8e369722
4153d4dece4404cd4adc9a00af77ad57029c012b
7b6e4f549a484306b9679a0d52dabb5329d75ff85e3a60e910d1575be4e93c6b
GET / HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:30 GMT
content-type: text/html; charset=UTF-8
content-length: 20795
x-powered-by: PHP/7.3.5
x-pingback: https://xaydunghoangtu.com/xmlrpc.php
link: <https://xaydunghoangtu.com/wp-json/>; rel="https://api.w.org/", <https://xaydunghoangtu.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://xaydunghoangtu.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/v8TniL3.png
151.101.84.193200 OK 2.8 kB IP 151.101.84.193:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 4dd8a1adce2e600f1102391c34a0dbac
a148737ab4ee3cfc830a4cc57a71ad3aac5eda89
d33e3b60894e808e93338eab672097fa142110ecdb9245628457b703da41dae4
GET /v8TniL3.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Sep 2016 09:27:17 GMT
etag: "4dd8a1adce2e600f1102391c34a0dbac"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:10:31 GMT
age: 4828908
x-served-by: cache-iad-kiad7000082-IAD, cache-bma1628-BMA
x-cache: HIT, HIT
x-cache-hits: 14077, 1
x-timer: S1669176631.299148,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2847
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xaydunghoangtu.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.9
112.78.1.150200 OK 54 kB URL HTTP/2 xaydunghoangtu.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.9
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (27100)
Hash 2e7e1d1c1d4d446a1b6b63295757d859
27a1d9dcbdc4aff486016b5c9f3ece6ad0c028c1
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.9 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: text/css
content-length: 53907
last-modified: Fri, 25 Sep 2020 03:48:14 GMT
etag: "5f6d687e-d293"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
112.78.1.150200 OK 1.9 kB URL HTTP/2 xaydunghoangtu.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash a2e915fb21387a23a3578cb1b2b5a724
c3601301dacf90fc9eede9363f2698d922c05327
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: text/css
content-length: 1920
last-modified: Sun, 20 Dec 2020 03:34:01 GMT
etag: "5fdec629-780"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11
112.78.1.150200 OK 161 B URL HTTP/2 xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (327)
Hash b99e67fe7419c667a1d0236a1823a1f6
6e8bf1cbcac35ea75637be52099b2de73dba7c7d
38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7
GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: text/css
content-length: 161
x-accel-version: 0.01
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "148-5a6766bc55700-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/plugins/wp-phonering/css/style.css?ver=5.5.9
112.78.1.150200 OK 15 kB URL HTTP/2 xaydunghoangtu.com/wp-content/plugins/wp-phonering/css/style.css?ver=5.5.9
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (1358), with CRLF line terminators
Hash 74dec19089b1713e9d9467560de6bc8e
1c01b0589ec2b3c57bc3bf4f07448c89daf3f36d
9069a5b2cdcb61f6ec49c89053847735a391389e480f562daf53445073266d7b
GET /wp-content/plugins/wp-phonering/css/style.css?ver=5.5.9 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: text/css
content-length: 15318
last-modified: Fri, 21 Sep 2018 05:02:54 GMT
etag: "5ba47b7e-3bd6"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d69a1c0b850cd97271c4d9ccf071e754
5af2caa238f91da826871ab1197ce2100ae4fbe9
ed4aec411fd30d5459779fc073eaea80295660f194480496df7595df8a3cc8bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED4AEC411FD30D5459779FC073EAEA80295660F194480496DF7595DF8A3CC8BB"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 10:10:31 GMT
Date: Wed, 23 Nov 2022 04:10:31 GMT
Connection: keep-alive
www.googl-e.top/I
149.28.250.63200 OK 17 kB IP 149.28.250.63:0
File type ASCII text, with very long lines (17035), with no line terminators
Hash 8ead1abffcb03bd2e99e87fd66d5e0f6
f3d6cca4696e79afac7a89770c9b522a8cc1a7f2
d0af3b3dd25f98e931a4f45f126cc93fdef0edc92c20281d7e5b28e9419d046f
Analyzer Verdict Alert fortinet Malware
GET /I HTTP/1.1
Host: www.googl-e.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/octet-stream
content-length: 17035
last-modified: Wed, 18 Aug 2021 04:41:45 GMT
etag: "611c8f89-428b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/themes/noi-that/style.css?ver=3.0
112.78.1.150200 OK 224 B URL HTTP/2 xaydunghoangtu.com/wp-content/themes/noi-that/style.css?ver=3.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash eeeef5cab0f3ab11703e783a4b38f6e3
ca35a26565914c43e71fd88dff98018676b2bb7d
555e047b9efcdde1271be3083141cabe42c805e471f4c9d96be3289afe854a06
GET /wp-content/themes/noi-that/style.css?ver=3.0 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: text/css
content-length: 224
x-accel-version: 0.01
last-modified: Fri, 21 Sep 2018 05:02:54 GMT
etag: "12d-5765a8d575b80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/plugins/contentprotector/js/jquery.watermark.js?ver=5.5.9
112.78.1.150200 OK 9.3 kB URL HTTP/2 xaydunghoangtu.com/wp-content/plugins/contentprotector/js/jquery.watermark.js?ver=5.5.9
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash f9d4fee139f7f3d213f2fd6347358d48
34d7d930f0384edd1f59dcf5a967e7b316c0bb9a
bddc0dc58f470d12ff00cd65e0ed9a5a2ccd6704a796649fa5f2784f6fe61c75
GET /wp-content/plugins/contentprotector/js/jquery.watermark.js?ver=5.5.9 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 9332
last-modified: Fri, 21 Sep 2018 05:02:54 GMT
etag: "5ba47b7e-2474"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
112.78.1.150200 OK 14 kB URL HTTP/2 xaydunghoangtu.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash f89263c0c2f24398a1df52eead69f5f8
850e9cfb1680eb1df4365889724e69f38df7bb9e
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 14280
last-modified: Sun, 20 Dec 2020 03:34:01 GMT
etag: "5fdec629-37c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
112.78.1.150200 OK 1.1 kB URL HTTP/2 xaydunghoangtu.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (1087)
Hash 1cb41e780b9b6dbbf6ea0a3882da09de
9603305218e09c3c10be9a95b0ef8c7eaa5245ed
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 1122
last-modified: Fri, 16 Apr 2021 21:52:24 GMT
etag: "607a0718-462"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/logo.png
112.78.1.150200 OK 5.1 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/logo.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 286 x 75, 8-bit colormap, non-interlaced\012- data
Hash 74a76fb801c01822da2c350d432b5b11
4a7f041177b1850fc275c9d8472ccc2331517d9c
ec844cdf7af0406e55951ed981a8f3823d343cc2bbfb1e516ced0f2012d31e2c
GET /wp-content/uploads/logo.png HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: image/png
content-length: 5148
last-modified: Wed, 21 Oct 2020 03:22:52 GMT
etag: "5f8fa98c-141c"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.11.3
112.78.1.150200 OK 2.4 kB URL HTTP/2 xaydunghoangtu.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.11.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash 30bef76f6c5678740a4b7c4b1e0ca3b5
df55c00da88a6345d1b91bf64eb6fd3d144120c0
ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4
GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.11.3 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 2355
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-933"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
112.78.1.150200 OK 97 kB URL HTTP/2 xaydunghoangtu.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 96873
last-modified: Sun, 24 May 2020 14:24:14 GMT
etag: "5eca838e-17a69"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-includes/js/wp-embed.min.js?ver=5.5.9
112.78.1.150200 OK 1.4 kB URL HTTP/2 xaydunghoangtu.com/wp-includes/js/wp-embed.min.js?ver=5.5.9
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
GET /wp-includes/js/wp-embed.min.js?ver=5.5.9 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 1426
last-modified: Fri, 16 Apr 2021 21:52:24 GMT
etag: "607a0718-592"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9
112.78.1.150200 OK 14 kB URL HTTP/2 xaydunghoangtu.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (11272)
Hash 878184c5d285d4d52d926d36ef19b718
dd260ffe0f8e3f38f58efd23cac8a1e5c788dad9
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.9 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 14229
last-modified: Fri, 16 Apr 2021 21:52:24 GMT
etag: "607a0718-3795"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.11.3
112.78.1.150200 OK 137 kB URL HTTP/2 xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.11.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (137381 bytes)
Hash 6a2aef4f091830213dce3fb463577396
6a8513f28a8d4667a4ccb18d339d99675eaae256
46f0b12040dc9b4012bab1dfb8e021276c3abd1508ebfd7bbe117eb4e4842147
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.11.3 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: text/css
content-length: 137381
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-218a5"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1720
Cache-Control: max-age=103745
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 08:59:37 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 549384
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.195200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:36:26 GMT
expires: Thu, 16 Nov 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 549246
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/pattaya/v12/ea8ZadcqV_zkHY-XBdmt9lZE.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/pattaya/v12/ea8ZadcqV_zkHY-XBdmt9lZE.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27628, version 1.0\012- data
Hash 642a3c33ce6ce8e988fa22bec8080a4e
1086d0d895f42f92803fc0dc9291e18ded02cbd7
df374f09dc3ab5a1e6946b5008a073c15893325e9389c694d2aeb3707645f5a6
GET /s/pattaya/v12/ea8ZadcqV_zkHY-XBdmt9lZE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:23:08 GMT
expires: Sat, 18 Nov 2023 23:23:08 GMT
cache-control: public, max-age=31536000
age: 362844
last-modified: Mon, 09 May 2022 18:41:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/pattaya/v12/ea8ZadcqV_zkHY-XBdet9g.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/pattaya/v12/ea8ZadcqV_zkHY-XBdet9g.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28456, version 1.0\012- data
Hash 34cc6407abc92c582808c68d94a42789
1943f3e519da0b48e4b3d9db8b0717dad14d34bf
f0faa7c8751a05b3c5db21846b5385fc3f3539b606019544da361422b3a8cf33
GET /s/pattaya/v12/ea8ZadcqV_zkHY-XBdet9g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 17:04:27 GMT
expires: Fri, 17 Nov 2023 17:04:27 GMT
cache-control: public, max-age=31536000
age: 471965
last-modified: Mon, 09 May 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:35:48 GMT
expires: Thu, 16 Nov 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 549284
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1720
Cache-Control: max-age=103745
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:32 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 08:59:37 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
112.78.1.150200 OK 6.3 kB URL HTTP/2 xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Web Open Font Format (Version 2), TrueType, length 6324, version 1.0\012- data
Hash d9356327d9a0b9b2e0b6463bf4de84fc
299377cf02818146da634c8a3bec142e070d365c
c668ae222955eab81e26e7ce6293f4b7a7cd1f9febe475038cac0af6d11975e1
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://xaydunghoangtu.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.11
Cookie: HssSb3942757=6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:32 GMT
content-type: application/octet-stream
content-length: 6324
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-18b4"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/pattaya/v12/ea8ZadcqV_zkHY-XBdit9lZE.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/pattaya/v12/ea8ZadcqV_zkHY-XBdit9lZE.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13132, version 1.0\012- data
Hash 9841cdb373efb391dbf2255e8c36f5a8
df7986195c674ac305701758e98b557760417cbc
783bf68cbf16c5cac123c2f17ff7d11f263b04be308bebae13977db8fda7f6d7
GET /s/pattaya/v12/ea8ZadcqV_zkHY-XBdit9lZE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xaydunghoangtu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 07:47:37 GMT
expires: Sat, 18 Nov 2023 07:47:37 GMT
cache-control: public, max-age=31536000
age: 418976
last-modified: Mon, 09 May 2022 18:40:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:19:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: Q4SZcgQTAabjDzD2+gKJKr6ziyQ06wHv6vn8mmXB0+kuQdjy3wTVMUID0BmzHL5OAwJkzyKxHBk01s8b/V0KbA==
content-length: 1657
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 03:18:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: m+BQtPjWNbih3NkPDP8aeJSIVnefnV7FgVfmHv1ottnMxuFQ7O9P70HznPCRDJbEWaZVpMfMOPytg5/OtxyEfQ==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2905)
Hash 7734711815478192096a4df90abbfa01
ea16129c6f54227d9d01bf3421e68863e75ffd7a
22cf4b88ca3b9208f44974e02dc6f784021871877121c7d03b310d7264ced0e3
GET /rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 01:47:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dzRxGBVHgZIJak35Crv6AQ==
x-fb-debug: mYoF2e1P7ghRejAJM02fWCgsd/dKefl60w4VqfDDrjYuscIKYr1aETRoBdkiOe/ue4siFzhXwZHQTDNWyiHklg==
priority: u=3,i
content-length: 8360
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 8.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9885)
Hash 71e8e93b5e55f2010013b0814f4e3ae5
4732ba3acc539a0e9ff12d08c1b5a16f535bd594
b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 12 Nov 2023 16:49:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: K+vakdudtTdQF+msD/lkaUE6a2YRi6isCJuPTc0LNd9e9IlBt8LCzbYYbinXlIPe0wHMqStwCkhFMju4cwxNKQ==
content-length: 8748
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:19:38 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: 7xJriGHNsmB5/T1Cwg2g4hhrlkKi0N3SIxzE4Uhhymx2s/s5WJwHZaYdliFwpRkCZST+OzT4OECl4om6NStC4w==
priority: u=3,i
content-length: 16262
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/rpeMW_reP7a.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 4.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/rpeMW_reP7a.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4431)
Hash b2143b0fcfe49a5fecb3dd3414dceebd
2126f221b98f84ced41561752c42fa1ce809610f
d282d9db4fd4faddbdc947b13c3f34173b3efceeeaec3ca47a9a112037a6c7ef
GET /rsrc.php/v3/yN/l/0,cross/rpeMW_reP7a.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 21 Nov 2023 16:56:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: shQ7D8/kml/ss900FNzuvQ==
x-fb-debug: oJH5Z9GK1hwo8ptkgSnLyGB4CPpuZSKkTRzWVNZuqiu96Vv+KxNQ9gGDVeJAnAYkFehVeJVkov93xkZ8ws7LQw==
content-length: 4323
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 10 Nov 2023 14:53:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: Zp1wPiIBW0tAEDCzIG+C15SNLQZuFBAuL7eGPEZ2EcUv1w5gNg/KYnLzpL+Ik9U2mzu8iznakPOFiuJ0CwtpxA==
content-length: 338
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42048)
Hash 3051900d03a657ddbbc9afa8ac11cdbd
557f26734897e137a6678f6d2a81672fc6a34ad2
038035ce01be57324c7e251c8834229b4910f27e3a042912fd7276947e5750df
GET /rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 12 Nov 2023 16:53:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: MFGQDQOmV927ya+orBHNvQ==
x-fb-debug: 9DqJHAPrdMDmypf/NoQ+1HoYyKVzMkLtJvbIXR4QOJOOPFwO/mdx3WsOTc4adiwZRn2JRwyloMqLbifzUc1b+g==
content-length: 23455
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4057)
Hash 571700b5a1e8db88d5d79007a910b962
07102cc5f2b19f190830664e1ec6718efb33c011
ecccefedaf39e094079b22880aba987993015fbf1b70fd3c63bc57dc10685f11
GET /rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:04:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VxcAtaHo24jV15AHqRC5Yg==
x-fb-debug: NT+M5oXO8pwkIMnEqGwapf+WVRORcDdI9fHky/3paBQ/wwz6CTFWuVr8ViFofTrTwDWDAUG1I14mocRnBu+xzA==
content-length: 7238
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/_RgpdkW75Wy.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 3.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/_RgpdkW75Wy.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (3040)
Hash 551311d1d8e5ad89a39ba9e5a2e2fdde
b85188f8308705e9eeedd256a6a42623acf47d63
f353f63c8d988fb52108e44527a79f10e05e00340f794c9629ba7e835c6f4099
GET /rsrc.php/v3/yw/l/0,cross/_RgpdkW75Wy.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 22 Nov 2023 18:06:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VRMR0djlrYmjm6nlouL93g==
x-fb-debug: bTysicilASjDDgG1doKr8u0jPc3z4lDl9nIO6R0cT7UX5QriUXaqp4nMZgWvvDiCANaNDvI8qfoc5Qoh6FSyvA==
priority: u=2
content-length: 3699
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/b9TGs_-VwbF.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/b9TGs_-VwbF.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1407)
Hash 5d5d8d45279e0559943d6d9af7b930b7
6fd2a6064fd3513425b99ac744410f28d7ba81f6
6eee9c5e3da3e81d758a23614caaf9078776ef4ef73346275d879aa1f945fbf6
GET /rsrc.php/v3/y1/l/0,cross/b9TGs_-VwbF.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 22 Nov 2023 18:06:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: XV2NRSeeBVmUPW2a97kwtw==
x-fb-debug: X4ROC8NP25Ic54F5XX3l9ytzvy0DfEZ3HrvzLsDaG0UugrnVtP2tuMoB7c+oCpPskpXMRV6rx6gufa1GeFInpQ==
priority: u=2
content-length: 1165
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/fav.png
112.78.1.150200 OK 2.8 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/fav.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 75 x 75, 8-bit colormap, non-interlaced\012- data
Hash cc0335581d977159824ba2e696868b74
b0998364cd299ffaeea5d071b311237556d25615
addc6391fa097b5725125948606dd6ef7bc9f1e9eccf94ce756f5e45eb057919
GET /wp-content/uploads/fav.png HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/png
content-length: 2835
last-modified: Wed, 21 Oct 2020 10:05:26 GMT
etag: "5f9007e6-b13"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18622)
Hash 151e87d38f4f425e44d9c851c9aecf05
762111e5095f5354be95b98ad476f6e7161ce6b1
f236f289f38c8081b496e0537ed3b2c66822e7a743f5d9d4959f955c64b0b2b0
GET /rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 16:54:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FR6H049PQl5E2chRya7PBQ==
x-fb-debug: XKYCuFqqNH0kZrgnBK9d939R6pWs+fcIzk26id8p6lRkOvr6n2vQtYYz0yMcJoZ8xMvN0Ztyy0Cqwk+0Rwgf4Q==
content-length: 91088
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 04:10:33 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/sl1.jpg
112.78.1.150200 OK 27 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/sl1.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 870x321, components 3\012- data
Hash 41f08d6539bf24181a0054886abe3eb0
018b5649e61fbe0cffc16b3569ad5eae55a82d0b
ef0a0030a21b99bdce44582a005fd94d239e6c4bee89a19a21e6f0e9a22eeb84
GET /wp-content/uploads/sl1.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 26738
last-modified: Thu, 29 Oct 2020 04:26:47 GMT
etag: "5f9a4487-6872"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/mong.jpg
112.78.1.150200 OK 285 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/mong.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x622, components 3\012- data
Size 285 kB (284832 bytes)
Hash 39ce25fdf7dbf46dcbc60d8e5ff7f723
c2ce3a878d8a54a1199330074c29785443a47ff3
3de1db9522d2eef5b0759dd0f19bf54ca8183f3aff6ea5429b8c7a2de0c5117d
GET /wp-content/uploads/mong.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 284832
last-modified: Thu, 29 Oct 2020 04:10:51 GMT
etag: "5f9a40cb-458a0"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/img1-1536x1090.jpg
112.78.1.150200 OK 252 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/img1-1536x1090.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1536x1090, components 3\012- data
Size 252 kB (251515 bytes)
Hash 5ea5d899fad2f92b2ec09b073f717c7a
99e01a0a550bde6203063aa7647f896dc26c94ba
305ef9385a102f6b60335cb3f5cb67d83fa0cc82f193deb4ded7c3065506eb4d
GET /wp-content/uploads/img1-1536x1090.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 251515
last-modified: Thu, 29 Oct 2020 04:27:17 GMT
etag: "5f9a44a5-3d67b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d9261e74ce5d6cdb4f85a9e2c0b6fb66
738bf615c72177114e2a43d616262718b2c37d64
a8d322eee53c731563cd5643b8b7396bea1b50cf4080533d4e9d46ea19f35ba3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3571
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:33 GMT
Etag: "637d0e67-1d7"
Last-Modified: Wed, 23 Nov 2022 03:11:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
xaydunghoangtu.com/wp-content/uploads/ONG-ICH-KHIEM-1536x2048.jpg
112.78.1.150200 OK 582 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/ONG-ICH-KHIEM-1536x2048.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1536x2048, components 3\012- data
Size 582 kB (582259 bytes)
Hash 2393a6b95ef490ed32bf08f52855985f
ec163fff4f83fa15ecfb32b0b4f36aa5f30cac85
ea84029b6dbf4dd86e3fab1b6ab2ab119aef397db55c0c27402c630f3763c9f7
GET /wp-content/uploads/ONG-ICH-KHIEM-1536x2048.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 582259
last-modified: Fri, 11 Dec 2020 02:40:15 GMT
etag: "5fd2dc0f-8e273"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/dang-thi-cong-1.jpg
112.78.1.150200 OK 271 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/dang-thi-cong-1.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x622, components 3\012- data
Size 271 kB (270558 bytes)
Hash 6831a40cf5afc12f3d0a8c0c360c81e1
15be4e34e2e4c2cf3fe083f2a7db623ce2a3a079
9a17c5a27dbe6d6c757f578bf6236b5b801fcdd6db2e529928baa7b09e2e7824
GET /wp-content/uploads/dang-thi-cong-1.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 270558
last-modified: Thu, 29 Oct 2020 04:00:24 GMT
etag: "5f9a3e58-420de"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/NAM-hotel.jpg
112.78.1.150200 OK 223 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/NAM-hotel.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 991x1200, components 3\012- data
Size 223 kB (223329 bytes)
Hash 7455f0490ef9025a66119e9309f05090
6cf4a09d49090d828799a71866f60e826337bd23
c12831e0184d37e3cb44bb2a182696f60d02237ca500c24abf0d5735d053f98c
GET /wp-content/uploads/NAM-hotel.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 223329
last-modified: Thu, 29 Oct 2020 03:40:10 GMT
etag: "5f9a399a-36861"
accept-ranges: bytes
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/uploads/img1.jpg
112.78.1.150200 OK 229 kB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/img1.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1919x1362, components 3\012- data
Size 229 kB (229306 bytes)
Hash 7a1d51c4cb62091145dc16cccff6f6cc
ce04bc2b15aacb16db0057be8c7726557435e547
e0743be91f0eb52969e92c5d94c81bd8a3f2026b16b1719f68fa3bde26004255
GET /wp-content/uploads/img1.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 229306
last-modified: Thu, 29 Oct 2020 04:27:09 GMT
etag: "5f9a449d-37fba"
accept-ranges: bytes
X-Firefox-Spdy: h2
scontent.ftbs5-2.fna.fbcdn.net/v/t39.30808-1/248663389_10158541204178553_8011492100387814626_n.png?stp=cp0_dst-png_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=MICSe4lglV8AX85x1Q2&_nc_ht=scontent.ftbs5-2.fna&edm=ANSO7JkEAAAA&oh=00_AfCLMm4vzDjZtvYcK3uWUhWt11rFmzovvMnSlFHs4qNRVg&oe=638272A6
213.157.214.17200 OK 1.9 kB URL HTTP/2 scontent.ftbs5-2.fna.fbcdn.net/v/t39.30808-1/248663389_10158541204178553_8011492100387814626_n.png?stp=cp0_dst-png_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=MICSe4lglV8AX85x1Q2&_nc_ht=scontent.ftbs5-2.fna&edm=ANSO7JkEAAAA&oh=00_AfCLMm4vzDjZtvYcK3uWUhWt11rFmzovvMnSlFHs4qNRVg&oe=638272A6
IP 213.157.214.17:0
File type PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash eed6cb6d77d71369f4a8f956e56d9203
bb3ea70519b3686001b32c166023a6131b3525b3
13f1102c83bf42ca9444b1349d0df813fa28d22f74ee7d7fa0bc9fcb553dbe33
GET /v/t39.30808-1/248663389_10158541204178553_8011492100387814626_n.png?stp=cp0_dst-png_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=MICSe4lglV8AX85x1Q2&_nc_ht=scontent.ftbs5-2.fna&edm=ANSO7JkEAAAA&oh=00_AfCLMm4vzDjZtvYcK3uWUhWt11rFmzovvMnSlFHs4qNRVg&oe=638272A6 HTTP/1.1
Host: scontent.ftbs5-2.fna.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 28 Oct 2021 21:41:42 GMT
x-haystack-needlechecksum: 2830878616
x-needle-checksum: 109046106
content-type: image/png
content-digest: adler32=2101318160
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 1861
date: Wed, 23 Nov 2022 04:10:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d9261e74ce5d6cdb4f85a9e2c0b6fb66
738bf615c72177114e2a43d616262718b2c37d64
a8d322eee53c731563cd5643b8b7396bea1b50cf4080533d4e9d46ea19f35ba3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3571
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:10:33 GMT
Etag: "637d0e67-1d7"
Last-Modified: Wed, 23 Nov 2022 03:11:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
xaydunghoangtu.com/wp-content/uploads/ONG-ICH-KHIEM.jpg
112.78.1.150200 OK 1.3 MB URL HTTP/2 xaydunghoangtu.com/wp-content/uploads/ONG-ICH-KHIEM.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x2560, components 3\012- data
Size 1.3 MB (1349938 bytes)
Hash 6a5464b262e77a720d42922e60c12774
851ca251014a0a42b6a5b7350b9ac45678e654c8
384d2b213a336190e1ffdeaa42ec1b5f2e242db81ba4b0b3f6de7315745a680b
GET /wp-content/uploads/ONG-ICH-KHIEM.jpg HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6; wordpress_651d65323a405=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:33 GMT
content-type: image/jpeg
content-length: 1349938
last-modified: Fri, 11 Dec 2020 02:40:14 GMT
etag: "5fd2dc0e-149932"
accept-ranges: bytes
X-Firefox-Spdy: h2
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/314890194_487568293403511_5506635707078463768_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=8024bb&_nc_ohc=iX2F7sqBT5wAX8z6Stb&_nc_ht=scontent-arn2-1.xx&oh=00_AfDdKpNUiZqps-xiiQmB2BlvTYR57Ly2B-QuWzYUxr0_Zw&oe=63819618
31.13.72.12200 OK 9.8 kB URL HTTP/2 scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/314890194_487568293403511_5506635707078463768_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=8024bb&_nc_ohc=iX2F7sqBT5wAX8z6Stb&_nc_ht=scontent-arn2-1.xx&oh=00_AfDdKpNUiZqps-xiiQmB2BlvTYR57Ly2B-QuWzYUxr0_Zw&oe=63819618
IP 31.13.72.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 349x225, components 3\012- data
Hash c3904e10477edcd93c0c9f847cc76afd
8e6cc6d88249c5c7463b7139e0c7de63c2a5f7f6
46421b01ae7d4d1c07243709f09800f32264f2c7e36b4ab79f47d67014988bf1
GET /v/t39.30808-6/314890194_487568293403511_5506635707078463768_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=8024bb&_nc_ohc=iX2F7sqBT5wAX8z6Stb&_nc_ht=scontent-arn2-1.xx&oh=00_AfDdKpNUiZqps-xiiQmB2BlvTYR57Ly2B-QuWzYUxr0_Zw&oe=63819618 HTTP/1.1
Host: scontent-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 07 Nov 2022 20:37:59 GMT
x-haystack-needlechecksum: 4219831774
x-needle-checksum: 2763380916
content-type: image/jpeg
content-digest: adler32=2169749691
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 9795
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/315756746_493935039433503_1580501792517664426_n.jpg?stp=dst-jpg_p235x350&_nc_cat=103&ccb=1-7&_nc_sid=8024bb&_nc_ohc=r1uN1MCfnD8AX-51F84&_nc_ht=scontent-arn2-1.xx&oh=00_AfA5V4jRWEehQHVv0Ayai73Zvl_fkiprsv-6aoru3GSdGQ&oe=6382BFC0
31.13.72.12200 OK 12 kB URL HTTP/2 scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/315756746_493935039433503_1580501792517664426_n.jpg?stp=dst-jpg_p235x350&_nc_cat=103&ccb=1-7&_nc_sid=8024bb&_nc_ohc=r1uN1MCfnD8AX-51F84&_nc_ht=scontent-arn2-1.xx&oh=00_AfA5V4jRWEehQHVv0Ayai73Zvl_fkiprsv-6aoru3GSdGQ&oe=6382BFC0
IP 31.13.72.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Hash 710146e592c45f8fec75359f2dbf03f4
0cbd11ba99529c9b4e3c2215c9d4fddc333c04ac
e608f90409f2b149bae45fc506085f3e10bd69123449ef5fe26bc478163daefd
GET /v/t39.30808-6/315756746_493935039433503_1580501792517664426_n.jpg?stp=dst-jpg_p235x350&_nc_cat=103&ccb=1-7&_nc_sid=8024bb&_nc_ohc=r1uN1MCfnD8AX-51F84&_nc_ht=scontent-arn2-1.xx&oh=00_AfA5V4jRWEehQHVv0Ayai73Zvl_fkiprsv-6aoru3GSdGQ&oe=6382BFC0 HTTP/1.1
Host: scontent-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 16 Nov 2022 18:57:44 GMT
x-haystack-needlechecksum: 1267590077
x-needle-checksum: 3476616996
content-type: image/jpeg
content-digest: adler32=3590548135
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 11724
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/315601592_492388656254808_6925285830766631534_n.jpg?stp=dst-jpg_p235x350&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wbNrLwWnuq8AX8t4peN&_nc_ht=scontent-arn2-1.xx&oh=00_AfBvXUMp5_v4PQZ9KuFStj6JuZqcMCxG_B0Zj_5UZ3D0MQ&oe=63820AAF
31.13.72.12200 OK 25 kB URL HTTP/2 scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/315601592_492388656254808_6925285830766631534_n.jpg?stp=dst-jpg_p235x350&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wbNrLwWnuq8AX8t4peN&_nc_ht=scontent-arn2-1.xx&oh=00_AfBvXUMp5_v4PQZ9KuFStj6JuZqcMCxG_B0Zj_5UZ3D0MQ&oe=63820AAF
IP 31.13.72.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3\012- data
Hash 457832d85e206931987f1324891414c8
e5c29bfb1b3afe96d42ee791d26da1bc9a922e45
7ade0bbb55bb1ed836fda1430aa420a17cfd5eb392db2798ac3972e8afe44bd8
GET /v/t39.30808-6/315601592_492388656254808_6925285830766631534_n.jpg?stp=dst-jpg_p235x350&_nc_cat=104&ccb=1-7&_nc_sid=8024bb&_nc_ohc=wbNrLwWnuq8AX8t4peN&_nc_ht=scontent-arn2-1.xx&oh=00_AfBvXUMp5_v4PQZ9KuFStj6JuZqcMCxG_B0Zj_5UZ3D0MQ&oe=63820AAF HTTP/1.1
Host: scontent-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 14 Nov 2022 17:09:45 GMT
x-haystack-needlechecksum: 2138646377
x-needle-checksum: 3104704882
content-type: image/jpeg
content-digest: adler32=257247698
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 24954
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-1.xx.fbcdn.net/v/t15.5256-10/316608472_1505968503239775_5156894989005011548_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=08861d&_nc_ohc=n-GsGkYG2I4AX97S33W&_nc_ht=scontent-arn2-1.xx&oh=00_AfDK5U1Y7W3aYPjkSyy0a-cZnW0DC3yN7ztydazSydyWdA&oe=6381BB84
31.13.72.12200 OK 9.8 kB URL HTTP/2 scontent-arn2-1.xx.fbcdn.net/v/t15.5256-10/316608472_1505968503239775_5156894989005011548_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=08861d&_nc_ohc=n-GsGkYG2I4AX97S33W&_nc_ht=scontent-arn2-1.xx&oh=00_AfDK5U1Y7W3aYPjkSyy0a-cZnW0DC3yN7ztydazSydyWdA&oe=6381BB84
IP 31.13.72.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x197, components 3\012- data
Hash ecd6e1d82cfe052160ecc0aa58867893
1a35efcff053581a1c723c61618aee2a47127a68
ca428396d48c4ba0f0d5aa5232da3ce937e5442de9756133577b7ff194dbfaa9
GET /v/t15.5256-10/316608472_1505968503239775_5156894989005011548_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=08861d&_nc_ohc=n-GsGkYG2I4AX97S33W&_nc_ht=scontent-arn2-1.xx&oh=00_AfDK5U1Y7W3aYPjkSyy0a-cZnW0DC3yN7ztydazSydyWdA&oe=6381BB84 HTTP/1.1
Host: scontent-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 22 Nov 2022 15:01:59 GMT
x-haystack-needlechecksum: 3046911788
x-needle-checksum: 810877521
content-type: image/jpeg
content-digest: adler32=3906005205
content-length: 9806
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
x-fb-edge-debug: G5iHgZIAAGQrc9IJYgBiq7TZYYtweYkI8iZdN02gnUVcD5RvvtLYbQBufzt7DNoSt1dEFC7TAqRTt05PSfEMvONUsG3fM6l_izlJeRes9kA
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/315843460_493080806185593_8217138244123855244_n.jpg?stp=dst-jpg_p173x172&_nc_cat=102&ccb=1-7&_nc_sid=8024bb&_nc_ohc=FuLItmcJRkAAX_3vbZI&_nc_ht=scontent-arn2-1.xx&oh=00_AfCtiBf--4C8IBl2Y_5bYj2C2KI1CstJQZJSOaGL5OsMLQ&oe=63824D19
31.13.72.12200 OK 7.0 kB URL HTTP/2 scontent-arn2-1.xx.fbcdn.net/v/t39.30808-6/315843460_493080806185593_8217138244123855244_n.jpg?stp=dst-jpg_p173x172&_nc_cat=102&ccb=1-7&_nc_sid=8024bb&_nc_ohc=FuLItmcJRkAAX_3vbZI&_nc_ht=scontent-arn2-1.xx&oh=00_AfCtiBf--4C8IBl2Y_5bYj2C2KI1CstJQZJSOaGL5OsMLQ&oe=63824D19
IP 31.13.72.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 328x172, components 3\012- data
Hash 5ac55751b4e23606c9be562bb382504f
c13dfa8dc987bed8117bf65d0974034206885c12
faaa60013c2c8e54b99fc0244c9a210711febeb17fc77bd3f1a925ced95c8f2f
GET /v/t39.30808-6/315843460_493080806185593_8217138244123855244_n.jpg?stp=dst-jpg_p173x172&_nc_cat=102&ccb=1-7&_nc_sid=8024bb&_nc_ohc=FuLItmcJRkAAX_3vbZI&_nc_ht=scontent-arn2-1.xx&oh=00_AfCtiBf--4C8IBl2Y_5bYj2C2KI1CstJQZJSOaGL5OsMLQ&oe=63824D19 HTTP/1.1
Host: scontent-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 15 Nov 2022 16:59:50 GMT
x-haystack-needlechecksum: 1671115695
x-needle-checksum: 4210007317
content-type: image/jpeg
content-digest: adler32=188126775
content-length: 7019
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 2050670934
date: Wed, 23 Nov 2022 04:10:34 GMT
x-fb-edge-debug: JleyWsjgadmoaTT7ZVE8Vpx3PqGRzadHJZqVq4_Gqjl7brjHxambZYC9q6ps88hfZSnCVrVUPZXif4ZGmbvcPmEP3rtECgZNUKcCavwNKR4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=0&byteend=838
157.240.194.21200 OK 839 B URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=0&byteend=838
IP 157.240.194.21:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 0b85a03442ecc6b0e1c015b99ece85f7
79f94ae161e90a3768668f6b8b4fc8b95418a344
1f4d4e0f9b10a6505cf9d72e3fd86f94e70b22ec33e1a8e1eeca5cffec757235
GET /v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=0&byteend=838 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:01:56 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 1532965953
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1532965953
content-length: 839
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=0&byteend=782
157.240.194.21200 OK 783 B URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=0&byteend=782
IP 157.240.194.21:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 9731e131852488c4d429cfe261a7be5f
1b65abcadd1433bb518a6080076c4bbe993d0829
b165cc34f2368dd13bd99c1a73a776340c6c8b7d7a6df49116ea547fc4255f95
GET /v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=0&byteend=782 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:02:40 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 272321244
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=272321244
content-length: 783
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=783&byteend=1990
157.240.194.21200 OK 1.2 kB URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=783&byteend=1990
IP 157.240.194.21:0
Hash 6bd07906be2de217417eceb4cbaa9c5f
bdf570da5d7c5ca12cb5bcdd9ae97fcfb0629d2b
cbe09e57bb10352dcd2aa2912bcc782e427077c1450ae78cae59371947c68260
GET /v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=783&byteend=1990 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:02:40 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 272321244
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=272321244
content-length: 1208
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=839&byteend=1338
157.240.194.21200 OK 500 B URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=839&byteend=1338
IP 157.240.194.21:0
Hash 9ec0dcbe06518006f60bcc654c8875e6
29910815592093dc4794266bb71d668789a41be8
9f4795b7c3606fa96890762959c61932d6311eb3214bf38cf79b71dbb1467f5b
GET /v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=839&byteend=1338 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:01:56 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 1532965953
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1532965953
content-length: 500
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=1991&byteend=18610
157.240.194.21200 OK 17 kB URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=1991&byteend=18610
IP 157.240.194.21:0
File type Maple something\012- data
Hash 1d0378818837b558c0a4e50bff9b5fc5
381fbaae9ba02130bb36950ef505ebd33b88773d
55162240d9af4ee3e8fbcbe3e0dabcad877a660a5566825eb29361cb77b4e934
GET /v/t42.1790-2/316744112_799849194421586_6998189324204669477_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=bqVdD3XYozMAX9pTZsb&_nc_ht=video-arn2-2.xx&oh=00_AfDwhpRivOJheQ48OwUrNjwMTkNDh2A69fpU6Qv7pEvQCQ&oe=637DC725&bytestart=1991&byteend=18610 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:02:40 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 272321244
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=272321244
content-length: 16620
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-2.xx.fbcdn.net/v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=1339&byteend=646623
157.240.194.21200 OK 645 kB URL HTTP/2 video-arn2-2.xx.fbcdn.net/v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=1339&byteend=646623
IP 157.240.194.21:0
Size 645 kB (645285 bytes)
Hash 7efb956b143d9cc5ebe0f9ebc922ee91
26beee5bd53280b1f10deb4972337b25a8e0e199
0b2f7ac8af005be0c004fd6f4adf2d9ac88cccc145f1e2803fdee52225a39208
GET /v/t39.25447-2/316314680_1032596657699583_5113769031817252280_n.mp4?_nc_cat=100&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTJfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=qSPBUEmBDSEAX_6WQGy&_nc_ht=video-arn2-2.xx&oh=00_AfBA8XvRn6Rtd3DdX13h6RxcqLzTR4jE9nNSG2F_FtT45A&oe=6383220D&bytestart=1339&byteend=646623 HTTP/1.1
Host: video-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 22 Nov 2022 15:01:56 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 1532965953
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=1532965953
content-length: 645285
accept-ranges: bytes
x-fb-trip-id: 436667874
date: Wed, 23 Nov 2022 04:10:34 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.2093-6/316540121_810899923318003_8692231635028652731_n.srt?_nc_cat=105&ccb=1-7&_nc_sid=8d539b&_nc_ohc=ASqBybF-hYIAX-3Jb3H&_nc_ht=scontent-arn2-2.xx&oh=00_AfD2kZxHOevef-pezon20hI91lg4-VPoeePmNM7EJ6uI5w&oe=63822FC3
157.240.194.27200 OK 5.2 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.2093-6/316540121_810899923318003_8692231635028652731_n.srt?_nc_cat=105&ccb=1-7&_nc_sid=8d539b&_nc_ohc=ASqBybF-hYIAX-3Jb3H&_nc_ht=scontent-arn2-2.xx&oh=00_AfD2kZxHOevef-pezon20hI91lg4-VPoeePmNM7EJ6uI5w&oe=63822FC3
IP 157.240.194.27:0
Hash d534904782c04eaa77b96f673e0cecec
eabc4f44bc2e0abc1e9a2c863d93992713668f1f
0faaff606028491b473cf6feb23e750d7b9f6cf5cdf530911b228264b3e497b8
GET /v/t39.2093-6/316540121_810899923318003_8692231635028652731_n.srt?_nc_cat=105&ccb=1-7&_nc_sid=8d539b&_nc_ohc=ASqBybF-hYIAX-3Jb3H&_nc_ht=scontent-arn2-2.xx&oh=00_AfD2kZxHOevef-pezon20hI91lg4-VPoeePmNM7EJ6uI5w&oe=63822FC3 HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 22 Nov 2022 15:01:19 GMT
content-type: text/srt
x-haystack-needlechecksum: 3193521733
x-needle-checksum: 675278387
content-digest: adler32=675278387
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: max-age=1209600, no-transform
content-length: 5171
x-fb-trip-id: 1904183273
date: Wed, 23 Nov 2022 04:10:34 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 22937
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xaydunghoangtu.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.11.3
112.78.1.150200 OK 0 B URL HTTP/2 xaydunghoangtu.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.11.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.11.3 HTTP/1.1
Host: xaydunghoangtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Cookie: HssSb3942757=6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:10:31 GMT
content-type: application/javascript
content-length: 171232
last-modified: Mon, 25 May 2020 10:27:08 GMT
etag: "5ecb9d7c-29ce0"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Aregular%2Cregular%2Cregular%2Cregular%7CPattaya%3Aregular%2Cregular&display=swap&ver=3.9
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2Cregular%2Cregular%2Cregular%7CPattaya%3Aregular%2Cregular&display=swap&ver=3.9
IP 142.250.74.10:0
GET /css?family=Roboto%3Aregular%2Cregular%2Cregular%2Cregular%7CPattaya%3Aregular%2Cregular&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xaydunghoangtu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 04:10:31 GMT
date: Wed, 23 Nov 2022 04:10:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2