r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7051
Expires: Tue, 08 Nov 2022 18:59:09 GMT
Date: Tue, 08 Nov 2022 17:01:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6152
Cache-Control: max-age=155525
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:38 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:13:43 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11923
Expires: Tue, 08 Nov 2022 20:20:21 GMT
Date: Tue, 08 Nov 2022 17:01:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: klgrfqb8bJ5dGEZkpE3UyNKgqFmJrf3TxSV3kIGEgu92tNQoIRsYQf4+NPLGmOWMy6JwkiVX4ik=
x-amz-request-id: TSV9CJEVV31WPRBV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 16:11:22 GMT
age: 3016
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 17:01:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
maihoangphotocopy.com/aima/qakbot.zip
103.130.216.99 302 Found 683 B URL HTTP/1.1 maihoangphotocopy.com/aima/qakbot.zip
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /aima/qakbot.zip HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 683
date: Tue, 08 Nov 2022 17:01:38 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://maihoangphotocopy.com/aima/qakbot.zip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4653
Cache-Control: max-age=148960
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:39 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:24:19 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cDeH369FI+iGYofHn7DVbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wUeAyCec2Glf8MEpt3J4H8Gk4Mc=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 17:01:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 17:01:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 17:01:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 17:01:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:39 GMT
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
age: 69541
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:38 GMT
age: 69542
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 38019
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zP8bp-rTtlDnlSAnPdZNJL19gSEfS9HmA9WUgNx4jku9i1zoahW-og==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 69699
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22d633d497f2e25eab580a648c05434
8e549621e4182a257895a03db93e786bd86072a5
2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5978
x-amzn-requestid: e4cff3d7-86a7-44a8-8858-7c893c19e76c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAVFHdWIAMFQZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a86-60d1a8250e0017a3574a6642;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:37:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qSguV2gfEtxsoWSMifxQEbIAAqhUDgVom0IWauJEIrFoMA5f17J-GA==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:26 GMT
age: 69554
etag: "8e549621e4182a257895a03db93e786bd86072a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:49:14 GMT
age: 69146
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maihoangphotocopy.com/aima/qakbot.zip
103.130.216.99 404 Not Found 18 kB URL HTTP/2 maihoangphotocopy.com/aima/qakbot.zip
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7145), with CRLF, LF line terminators
Hash 3954a31c2ddeef6b49d375a08c9c3ae6
48c8464fd65799cd6b460c7186164c2813941c03
2176fdcffb878ebd2fd4abfb7a47ea673661f772a893cbe58b41160130e3db98
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /aima/qakbot.zip HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
link: <https://maihoangphotocopy.com/wp-json/>; rel="https://api.w.org/"
content-length: 18282
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 17:01:40 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-871540680
142.250.74.168 200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-871540680
IP 142.250.74.168:0
File type ASCII text, with very long lines (2917)
Hash 88ae255c9a9cb5fbba9a12f1b3143006
f2a4c5c4972022a3107b64be212feaa8e02c1b67
9be38df316b20bd811ae6dfe1faf36960342d95c4ceeaceb0793325bfa912578
GET /gtag/js?id=AW-871540680 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 17:01:41 GMT
expires: Tue, 08 Nov 2022 17:01:41 GMT
cache-control: private, max-age=900
last-modified: Tue, 08 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maihoangphotocopy.com/wp-content/plugins/ot-product-price-filter/css/nouislider.min.css?ver=5.8.6
103.130.216.99 200 OK 957 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/ot-product-price-filter/css/nouislider.min.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (3555), with no line terminators
Hash f78df23eb1367872c6560c682e2f924b
4ced6c3eceffecf3b1321ff658715f2f9bae0f77
d4780d6bb8abb704e8325b576a42473e88ff0737939f487aa96afb109ba45e9e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ot-product-price-filter/css/nouislider.min.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:42:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 957
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/ot-product-price-filter/css/layout.css?ver=5.8.6
103.130.216.99 200 OK 341 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/ot-product-price-filter/css/layout.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash cef6659c722671129d5887689bfda152
6ba01cede1faa623c12c980b7b19970d8d2e618c
7303a34d5306e2af35ca09f36a7767e7f58a5185dd92779a05345c35b88c5634
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ot-product-price-filter/css/layout.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:42:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 341
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
103.130.216.99 200 OK 10 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash cf64bd69df964ad7baacebb5f165288e
3b43b33729294f0378142606559dac91d56919f8
f8d581c3f1abb40a8a24d79f47abe7b7b4ea24207160d0e260d06ca0cdebcb19
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Fri, 30 Jul 2021 10:44:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9960
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14
103.130.216.99 200 OK 7.4 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash bbc6c817dfd23b76b87a702f8d27fd47
0b21faaae17ae0186e1785301087b5a9b2352257
7cd393712956ed26420ac8222422d9b34ba63728bba06e6b81fb85c67d67aea7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.5.14 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 01:04:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7355
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002
103.130.216.99 200 OK 378 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1156), with no line terminators
Hash a6928aa91112567cad0fa3dc87d869ee
17ea9c46787e2f18e191fd958b2e66516cbd9b02
cd486376d94277581bada0a4dbdfe75d2a4607283645a522dc346edd36838dde
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:44:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 378
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/wc-category-showcase/assets/css/wc-category-showcase.css?ver=01
103.130.216.99 200 OK 3.1 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/wc-category-showcase/assets/css/wc-category-showcase.css?ver=01
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type Unicode text, UTF-8 text, with very long lines (19647), with no line terminators
Hash f186c203fcd7b45dc0d258a181d52a82
105c844cef892ba4895f63faccbecfa2eaedba7a
70ce3e14f902ae38dc26746e340bee5f050437bae8c18e6701147799623c394e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wc-category-showcase/assets/css/wc-category-showcase.css?ver=01 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:50:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3101
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=5.8.6
103.130.216.99 200 OK 2.7 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 8f809c6212c3d60de4bd43d438df0743
7f0c7f3b443ee45886d27201f76e54149a57ca30
1e116702f1ff7c9d870bcd004edd311c8b2ccc4c953c8919187d6edce171849b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/css/front.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2740
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=5.8.6
103.130.216.99 200 OK 1.9 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (10646)
Hash 0948467bdde4f96913a9fb07b3a12310
c9da3a37c26e93e62354bd622d4f88c0e4d84a7e
d75784f2a4d80268575f9eb15305a57fcea6fa95b2f2918f47c8d66e94c88a8e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:56:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1907
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/css/by_author.css?ver=5.8.6
103.130.216.99 200 OK 244 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/css/by_author.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash e7368d2dfcc405e1403fe5317236ca38
34f48847f7a5419357fadb63d558da99f64e6e85
f6b51a5ba4f351b6b0aafe1a7de5703c4c64b1e503d7febdc976a54e0e008ead
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_author/css/by_author.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 244
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/css/by_instock.css?ver=5.8.6
103.130.216.99 200 OK 61 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/css/by_instock.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 42adace676f5aabc801213b68dd2f459
79676a1b58ddfbdc18eded38b5fd608b4aa9a81f
c277fe3b68ad507ba99939f981baac6ade7850fabdaaff0ace5334c5a8268700
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_instock/css/by_instock.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:38 GMT
accept-ranges: bytes
content-length: 61
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.9
103.130.216.99 200 OK 5.6 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.9
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type HTML document, ASCII text, with very long lines (22141), with no line terminators
Hash 66ffe17a29e4fe1774f7b62f2211bc3d
a1ba17b3ea1a37869314b0cdd82b5e0d2d172375
b4ae3a1900255f27091e97efa9f231509465cc8fc331755cf036333c7b6d7a50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.9 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:59:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5610
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/wc-category-showcase/assets/js/bundle.min.js?ver=01
103.130.216.99 200 OK 12 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/wc-category-showcase/assets/js/bundle.min.js?ver=01
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (48929)
Hash e5db4e1c5fcb9743fb3b847d964be1a1
fd13a4e8e87a2fd3b93bb3ebeac85a1c747af32a
24ec9aa494520d72f7f7b1b6582ef46f6428ccfcfe89ade806977871b37f9e60
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wc-category-showcase/assets/js/bundle.min.js?ver=01 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12083
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
103.130.216.99 200 OK 894 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1680)
Hash dfcc770336a2eead262dd6f877e80755
c201c1011320e8bf6b428fc4ada657b17b5b9650
044ac2994997d874b7b9a5d02fb4e9d911529c4bfa4f62554f1b1b71a48b2943
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 894
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4
103.130.216.99 200 OK 655 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1985), with no line terminators
Hash 45d7e53f0103f52c09686a2e00189775
9441759cd9f42216696475cb9a6ddde65215e8e3
186592ce82dcd921c4d1624c421761541b4f149b9ee583506b192fda1a15aeda
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.4 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 655
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4
103.130.216.99 200 OK 938 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (2940), with no line terminators
Hash b0b78a02b18f4e4585d69d009ede4df4
c03f17d58f54b62f770bee9c75246d8960919a5a
88594d81dad7ba341a2fedec5edb45e51028353314ae7a5aea9527e93a76c1a4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.4 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 938
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2
103.130.216.99 200 OK 568 B URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 591b10f4f0bbef1774d7478e2e8937c5
89ccd8645869273cbf65cc654f4192d438f687a2
228e29246442d644a46ace0ad6b9d616923dee2577a4e65043916741ad936958
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 02:55:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 568
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/jquery-ui-touch-punch/jquery-ui-touch-punch.min.js?ver=4.0.4
103.130.216.99 200 OK 526 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/jquery-ui-touch-punch/jquery-ui-touch-punch.min.js?ver=4.0.4
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash 7551ebda9b33ef3673bc98769bdeada9
107c51edfd27692bca328f094bff11d6c1cf76d7
813e86dd2ac051c797696722e581b6f50b7f5bcbbc181d10a88e35f02289c064
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-ui-touch-punch/jquery-ui-touch-punch.min.js?ver=4.0.4 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 526
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/js/front.js?ver=1.3.1
103.130.216.99 200 OK 3.9 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/js/front.js?ver=1.3.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 4e9c259f6b7369c7e3fc015f6184f7a5
cc18e0e1e026b069e8b768cb0a77e1a15b2cbddb
e6200e0cfa9986df62004cd36e01e3837d94b60e1816d86160f26eed3d6562dd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-currency-switcher/js/front.js?ver=1.3.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3919
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=5.8.6
103.130.216.99 200 OK 376 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 71041d491ac86647357463d79be26b08
836eb28f2de7166ca99b09248b9e5e5fb6edbc74
60462ea92c6929ad5486f844533da14e3767230c16d8470f1e254b84409a64fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 376
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=5.8.6
103.130.216.99 200 OK 584 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 4a9224e074fd9f879d0666984f54b551
fe13ffbf5e2b68f9e4d429ce3406fcf399d3ca01
8ae5b08f8e616668688ea4abc7aaba7a47caf5ff438a0060b9a222c8c4f1face
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 584
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/js/by_instock.js?ver=5.8.6
103.130.216.99 200 OK 329 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/js/by_instock.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 5a8a09f56a844278c839634201c34e4e
e44f8a8c316d1364347e068d6db99c5a02b7f528
7688d63158c0356d9c32cb1fa6b9ba3def71967f9ec35b4e2cfbf7bb314bf04b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_instock/js/by_instock.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 329
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=5.8.6
103.130.216.99 200 OK 329 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 02a95942aa325b3f0086adcd72f8db47
e992cb0ded56edf2160b1cdfc3533cc05b238f8b
543f61a2b4d445c9013f1ffa77e907c3681a796ca3ae6e8059bd6935fd83f3d7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 329
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_sku/js/by_sku.js?ver=5.8.6
103.130.216.99 200 OK 912 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_sku/js/by_sku.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 7de77481706a0f94a031e4996d654148
1d55d000a5e4c3498bd5515cd0ee068d78c532ed
df9951c2974538735d1f7236a6463ea5f80c4e847f08ae8de8596a919d48494f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_sku/js/by_sku.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 912
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/js/html_types/select_radio_check.js?ver=5.8.6
103.130.216.99 200 OK 941 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/js/html_types/select_radio_check.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 3d1a9681d4e461af11c11901a5be8f52
1f15101e7917021975f1209c526083db8bf7558e
41b4d50c4b78c75c89811ddcb0ea6924751146b943b51aa25883c901a91aab2f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/js/html_types/select_radio_check.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 941
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/slider/js/html_types/slider.js?ver=5.8.6
103.130.216.99 200 OK 796 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/slider/js/html_types/slider.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 8c619315dbd8f7ad8837d60bd950cef2
cdcaabefe92a07933af3eb5644cc7367ce6a90c4
f08de298e8a4a1c060a06eb2c92e836f959f43b20128a3bdde8d6b7d9e2e2107
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/slider/js/html_types/slider.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 796
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.130.216.99 200 OK 5.8 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 54751d4cd4f7fd32b25850ef8ad71fc6
47e74afa81675e761838a6eb5bc70ad9c7d47528
8f3249357e3247b7f0efc468ee2f421f5fd2ee1856af1e37f9e8dd1867753eba
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5805
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
103.130.216.99 200 OK 1.7 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (5405)
Hash 3542d5a59cc8f715917094ef5195c984
9748b5fd456ca74067bd23b33512c5ffe1b7afa5
64d15e1842d5583a8b53802ffcce06997baa35eab6ee11be33ff53d25610be25
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1712
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-admin/js/password-strength-meter.min.js?ver=5.8.6
103.130.216.99 200 OK 558 B URL HTTP/2 maihoangphotocopy.com/wp-admin/js/password-strength-meter.min.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1088)
Hash 83a4679bd25c92bc2a1ff9c128ef29ba
3fdb33b26d20696ef72f873af6d9d07a820ec54a
beff217915512e7274ad5e7d649efdcd2c35ea3cca254717e2433c5dc71a7bb7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/js/password-strength-meter.min.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 558
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=4.0.4
103.130.216.99 200 OK 692 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=4.0.4
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (2034), with no line terminators
Hash 33ef4713db1e80bbc6d1859e6f27c06f
f25b664edb377a1f90afd52d47b8cdee34a653b0
d1903d589af286031db078e658c523a70ccbcf3ba25a5d61c95dbfe8a51f3fa6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=4.0.4 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 692
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=5.8.6
103.130.216.99 200 OK 57 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash cf3a71f4f059554809a6c493edab94b3
9e60e866175163112070257aee5019a825c8a024
46c9eb24d0df1f5ebcc4885f9b7eedc7de9998fd9052116b25a5f0fd2a90bc97
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:38 GMT
accept-ranges: bytes
content-length: 57
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_sku/css/by_sku.css?ver=5.8.6
103.130.216.99 200 OK 287 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_sku/css/by_sku.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 16b35cce4a06a5c720a67b7b32d4ae51
ca5ae16f795a304bb2e995c6f56f631f675317a3
9678bc32d8f44be5d1eb355832bb7fc3dfa90f933de31f5794ed05cfec62768d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_sku/css/by_sku.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 287
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/css/by_text.css?ver=5.8.6
103.130.216.99 200 OK 377 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/css/by_text.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash caf0a73e117b5e46f23302d5d729da7f
f720888d5a04af6f4fe33d16453d3bf3b1f4d510
a4c0634f5db71734d5b5bff4c9db5720b492e411c7ff0e5a8bd55d0ab3f8409a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/css/by_text.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:41 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 377
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/color/css/html_types/color.css?ver=5.8.6
103.130.216.99 200 OK 450 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/color/css/html_types/color.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash bb6a32a1f83fea20733d74d569eee378
be5d515c9b6f5a1b8f2a81da408dd750628d9d88
d8931ac1a9dcb5afda827c178c376ee1df21bfa3d39df5c66ad8234a2b965134
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/color/css/html_types/color.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 450
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=5.8.6
103.130.216.99 200 OK 308 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 956684db09fe42dc988d161ea1db2459
a6452b6516b0ba8e891937d26dc616cb6cad00fd
af747889e276f219743525204e18d4c38e22a85070d8c6ecafa215372b9c8c0e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 308
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/products_messenger/css/products_messenger.css?ver=5.8.6
103.130.216.99 200 OK 433 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/products_messenger/css/products_messenger.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash f2a2c3b74f6a0674ced527ea0d972b46
c858da81e95db5ec88fdb7008a378811dceadb99
9fbc7c377e503251d203a9b3ac6ebe0174dbb3e0a5ea6ec87a36f1bd08712319
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/products_messenger/css/products_messenger.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 433
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_hierarchy/css/html_types/select_hierarchy.css?ver=5.8.6
103.130.216.99 200 OK 0 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_hierarchy/css/html_types/select_hierarchy.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
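Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they identify no specific file and should not be used as indicators.)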
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/select_hierarchy/css/html_types/select_hierarchy.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:47 GMT
accept-ranges: bytes
content-length: 0
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/css/html_types/select_radio_check.css?ver=5.8.6
103.130.216.99 200 OK 778 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/css/html_types/select_radio_check.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 66efc2dd491f9457ee29378b61f03e70
5988d14377acc28b079ecd7e1cad819b9cd29d65
81d777ff8282d70dc3d72f3d9a74f8bee8f800196bf05d48c5c3bdc17796c4ff
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/css/html_types/select_radio_check.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 778
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/slider/css/html_types/slider.css?ver=5.8.6
103.130.216.99 200 OK 0 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/slider/css/html_types/slider.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
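Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they identify no specific file and should not be used as indicators.)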
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/slider/css/html_types/slider.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:49 GMT
accept-ranges: bytes
content-length: 0
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
103.130.216.99 200 OK 887 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash f4ab93f0a15ed3d7f9a9aa4dc10c8e44
8a7a202c2d5b13a3d8cefdfc9d365d06c9a8f4eb
07f0d7acc5ca7171eab1b980605da9ca7ff5ffc3969a5b37aac77aa94ee64453
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:59:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 887
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
103.130.216.99 200 OK 328 B URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (327)
Hash 8a1c4f5626a521ebb41f5d989f6e2c7f
91fa777e0689ff76d0fd41625f04de231b3e0569
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 03 Nov 2020 02:55:36 GMT
accept-ranges: bytes
content-length: 328
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2
103.130.216.99 200 OK 1.0 kB URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash e4f945a0f2b175a4c84f8ace1a671a9f
34cf732fadab1b2e9c7adbbe05f3e0b07689d962
991a4b98ab613ef8362adace28845d36d8e5161955d10a6641a622a84f694b56
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 03 Nov 2020 02:55:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1044
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=6.7.0
103.130.216.99 200 OK 370 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=6.7.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash f4ddc9088c2c83c802ef6135049490ac
0537cc7051d4e0c8ecab004460d692496f425b5a
45ca054f439c4fc1bc2aaacacf769b938cff809a5bf550319033a8ba9aba9772
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=6.7.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:42:47 GMT
accept-ranges: bytes
content-length: 370
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
103.130.216.99 200 OK 2.5 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (5871), with no line terminators
Hash 840a0443624d9b378f23f4d8129c1082
a93d1da03530db2a7d2d4e17fa3cc5946b3c1232
3471931e41d3fc8d0ac472981af3a1c8d681e0c712d6a65776e24c41825f01ee
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:45:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2521
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.12.3
103.130.216.99 200 OK 5.0 kB URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.12.3
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type Unicode text, UTF-8 text, with very long lines (22286)
Hash de346d699deddac568ff2599c09151e6
29ca7dd2d8f87e0167abb722c74e3124228625de
e2992f6cc904de0a86cccd080a413f03cd00a25278cb7b7b9ea3954e9e991849
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.12.3 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 03 Nov 2020 02:55:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5040
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome-child/style.css?ver=3.0
103.130.216.99 200 OK 955 B URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 266eb6c420cd45f8fa839d7478c15661
e2166fef770a9d77a39e06ee0b9bade680fb26ca
3fbd5c580871bf846658cdb5c1adc91c34bb25595b870cee91134731e37a570c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Mon, 18 Jan 2021 13:43:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 955
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.130.216.99 200 OK 4.0 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/ot-product-price-filter/js/nouislider.min.js?ver=5.8.6
103.130.216.99 200 OK 7.1 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/ot-product-price-filter/js/nouislider.min.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (21134)
Hash 92b4eac83776161087f31b99af6ec456
1b8d00b6aa9ee179e5fe8407a78296be19caac85
c5f30fbbc420a500f60ddc17f43e6e894a518eace123331255ca03edcfe1257b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ot-product-price-filter/js/nouislider.min.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:42:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7080
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.3
103.130.216.99 200 OK 49 kB URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.3
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (19155)
Hash 004d93566813d80ec68a36dea2415572
bdfee1f06577175bec8392851e7ee095a6f31bdd
69e8f48734e37fc9588c060159f986338997f66165bd4bbd0389cae0d5fd9a89
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.3 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 02:55:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 48841
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.3
103.130.216.99 200 OK 28 kB URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.3
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d4b06ffab9d5ae527bc3ffe57c41fae
0fc20a5cd23266ed8d155e3a12301588386a9624
98f9384bca4cf42694ffd6c4f8fa95c9cfe5e7a4198cb89ff1d34be5d0cfa1fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.3 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: text/css
last-modified: Tue, 03 Nov 2020 02:55:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 27563
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.130.216.99 200 OK 30 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:41 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 08 Nov 2022 17:01:41 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 509253
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:35:48 GMT
expires: Thu, 02 Nov 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 509153
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Hash deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:50:35 GMT
expires: Thu, 02 Nov 2023 19:50:35 GMT
cache-control: public, max-age=31536000
age: 508266
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.195 200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:36:26 GMT
expires: Thu, 02 Nov 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 509115
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 509253
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5e48e9985f578f1aea54d1680a62b2e
aeb024cae8e3da1534fb22d75ff80448ce783b71
a50720fe50839393bb435957a712029cda538ed8aeebadebfd1bed10298852fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A50720FE50839393BB435957A712029CDA538ED8AEEBADEBFD1BED10298852FA"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7245
Expires: Tue, 08 Nov 2022 19:02:26 GMT
Date: Tue, 08 Nov 2022 17:01:41 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
216.58.207.195 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data
Hash cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 21:33:47 GMT
expires: Thu, 02 Nov 2023 21:33:47 GMT
cache-control: public, max-age=31536000
age: 502074
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/uploads/2021/01/logo-mai-ho%C3%A0ng.png
103.130.216.99 200 OK 4.6 kB URL HTTP/2 maihoangphotocopy.com/wp-content/uploads/2021/01/logo-mai-ho%C3%A0ng.png
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type PNG image data, 595 x 264, 8-bit colormap, non-interlaced\012- data
Hash 4667a48a2c9e18a1622aa6f7eb524c20
d0e7903b45ecd48e77f705a8f4f3c898e2a85bdc
ff280f25bdc459e52ebeb2d17af41afedb82e53d14fe3efc7476cf6fca7d2762
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/01/logo-mai-ho%C3%A0ng.png HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: image/png
last-modified: Mon, 18 Jan 2021 09:46:35 GMT
accept-ranges: bytes
content-length: 4601
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/uploads/2020/04/bct.png
103.130.216.99 200 OK 40 kB URL HTTP/2 maihoangphotocopy.com/wp-content/uploads/2020/04/bct.png
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type PNG image data, 600 x 227, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d3b02c52d6144889ea6a5cbc6f0f19
e0943c89ae88ee72ac7d607b24881a01d4ef2545
3ce767d3c8938a12c7fd8ae92b0a3d861d350773e2b99e1bbb0d76550e96cd3f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/04/bct.png HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: image/png
last-modified: Tue, 29 Sep 2020 06:08:39 GMT
accept-ranges: bytes
content-length: 40074
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/css/front.css?ver=1.3.1
103.130.216.99 200 OK 887 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/css/front.css?ver=1.3.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash ab3556621988a5cb8962793ec974a90d
80e3c8f55247146f79d5c105d0186b30d3e84915
8866604a1199c419a6289b8e5f03cfccf30d1b55f01837ab5b31b6c719af042e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-currency-switcher/css/front.css?ver=1.3.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:55:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 887
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=5.8.6
103.130.216.99 200 OK 746 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 5b555317b6600b82294c80a0366cdf65
e2e36ab3dbf32afb5eaf085ad33690415cd04888
2a288149a92d836c4e976fafcaff46d3d9e6d443b27bfc51ad22b9829c656b6f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:56:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 746
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.skinNice.css?ver=5.8.6
103.130.216.99 200 OK 587 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.skinNice.css?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 44c14cfd4dad693c933821b4ca60323a
8c190a6bb215ad5e3b834e81b7bda285007ca94f
2d28d9febe5e627ac1e69a60e6c82f809f0c14855cc57da29bb78b3603236622
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.skinNice.css?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 05:56:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 587
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
103.130.216.99 200 OK 3.7 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (15658)
Hash 2e1ace7d6395ee01f03245506620cf70
5db6c3acbcf75b51612ab3fd5608cc6a2458f024
4bc24bd6b86a2f59c777ceea8dccb205167bf8a1cd94785768605347814dd7ee
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:59:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3710
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002
103.130.216.99 200 OK 2.2 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (6091), with no line terminators
Hash bc966353388572531142d078254a46dd
d813127829e81e4d1b42d7943c5f44887cf03d8e
377527657e160de1456dff3e050ba75f2bf0648fb1a479d5e831441f84b9e606
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:44:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2181
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
103.130.216.99 200 OK 3.3 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (9172)
Hash 9c7ae47bcf0dc0d73dc2efa79ad93080
d6666e4f67d9ce2a031613735c462e8c509e7203
326fc19eb1b917c2bd26de1196715e9ad6736988d89823e7418cab6f28eb2126
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3280
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4
103.130.216.99 200 OK 914 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type HTML document, ASCII text, with very long lines (2793), with no line terminators
Hash f2559b3077cbfb9fdc8c9f081d1b3321
25127f1379987a5a2612cf3653dcddd1be3ab944
497dc79f1af98a1d404b948c0f8acbe61a77639d8822324a4ff52c249e250eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.4 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 11 Mar 2022 01:04:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 914
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1
103.130.216.99 200 OK 656 B URL HTTP/2 maihoangphotocopy.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1445)
Hash bd87574b1deaeb098dee8bdf37586145
dc0cfb5b1c2596984ecd0de71577a8a21ea3bc74
41d15c4fc818bc5dbb435ba559095e856e3b765f5f2a9ff6f5d1a0ed9cc9b3e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 656
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3
103.130.216.99 200 OK 4.8 kB URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (12801)
Hash 70cbc7ebb657b8543e7a16850bd72f06
52f910087652491f0aed0d9c23029cf9cde73e25
e001ff5cf15b6ba1d367f441370a2fad7baab087af21c7a22d009ddce1ca342b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 02:55:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4815
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.12.3
103.130.216.99 200 OK 4.5 kB URL HTTP/2 maihoangphotocopy.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.12.3
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type HTML document, ASCII text, with very long lines (8876)
Hash 68d75f0bd57c2b1e14be7b13412fbbb9
770cb25900768562a33ed0c0c48e436c518479e8
26e795403d6ecc1f0df7ea734e41d610f269bc7cf23f74d155be0c114e73b9b5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.12.3 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 02:55:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4492
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
103.130.216.99 200 OK 663 B URL HTTP/2 maihoangphotocopy.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (1391)
Hash 992198ff853eb696f88bb0ec8586d015
a6262428de1b6c68cccf617d2a503f5a3bd3aecd
ae0480bd571a7f57cccdbd08f77706edca84029f95bd90bc325224169528d21c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 663
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
103.130.216.99 200 OK 6.6 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (7973)
Hash a860333ebd586af29e6e3f2f882aaf39
8b0a322de4f2e143339a1f01cf2301f7d5191ad1
5e56e5766fb13582a2bb4c36e780771cb3c27ac8a0e02096cd9f05a55b389653
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6589
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1
103.130.216.99 200 OK 984 B URL HTTP/2 maihoangphotocopy.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (3202)
Hash f2cf35e80249f611cca2a41d3c254af6
09ff3ebf0f5eeb883210ba081b61428dd070b831
8d953c7a7c7a0ed7b853ae8af58c81fb04fc79c0ee0852b28481ad2ea5d89002
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.12.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 984
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.12.1
103.130.216.99 200 OK 3.0 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.12.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (10533)
Hash 7a5af828368fd52e6fac5beb8aee748d
050bfd8f6f6e9dffa6fc520456ed331b15eb422f
72a48236a64fed9dcf2470ee858e837ac7fece0290c312539d37d09a2061fc06
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.12.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2980
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/js/price-slider_33.js?ver=1.3.1
103.130.216.99 200 OK 896 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/js/price-slider_33.js?ver=1.3.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash dc55bea6aa1ba0196ec340b1be060018
11bdd38f6793aaffe562522252491ddab71f6f87
f66e8dbf2fce1cacaaa2d89b25b97c29134ed800968468d169fa9aed662270a1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-currency-switcher/js/price-slider_33.js?ver=1.3.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 896
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/js/jquery.ddslick.min.js?ver=1.3.1
103.130.216.99 200 OK 2.1 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-currency-switcher/js/jquery.ddslick.min.js?ver=1.3.1
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (7149), with no line terminators
Hash 0b222a1342b3b8c0333cbe43e4da658d
6bc639dbcd4286f577adadea2b04d7952fe058a5
f1da6eaee063d3cb986d065710ba93d2640f96b2ad5f85477d389aec7bc30962
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-currency-switcher/js/jquery.ddslick.min.js?ver=1.3.1 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2129
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/js/ion-rangeSlider/ion.rangeSlider.min.js?ver=5.8.6
103.130.216.99 200 OK 8.2 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/js/ion-rangeSlider/ion.rangeSlider.min.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type Unicode text, UTF-8 (with BOM) text, with very long lines (649)
Hash 2a435f3fb3ef60a962fa3ada169523de
80668aaaa6281bb26f79ce730fa51ede8ccf25b7
ae0fcac47205cdbf31cf9429fd7c1cccccda720990abc52cff95a88ff6d70039
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/js/ion-rangeSlider/ion.rangeSlider.min.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8219
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=5.8.6
103.130.216.99 200 OK 9.0 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash c7864ae010e80178d280949c487e9ade
a4f3eb6be2154130d2790ed47e32db31221916c6
305a1fc7aee3d96a7c104dd1fd679c2636eb08926bee885fb37bae4adc1d1591
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/front.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8961
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=5.8.6
103.130.216.99 200 OK 750 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash f0324dcd0787d7f5c6a4ccfcf3b778c2
7f5086a9e73443cc47201ecf8ab848282afbd7aa
02769a5b03cc30cb853e5ba578d03d087ce6b02c86b3b3aed9c9eba6b10b7cc0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 750
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=5.8.6
103.130.216.99 200 OK 711 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 5b7daea35824aa2ccb8bbf7df6032a1c
1afe722eb6311410e9214559cc64b13341b0ca2c
1066b4bd79c1a9aeef7ab76d49200d0b4b58d76b62cee0ddee8201d408596019
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 711
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/js/by_author.js?ver=5.8.6
103.130.216.99 200 OK 401 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/js/by_author.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 910c2c7f6a88a645ebc2d2c8af7cb683
99b8d40d945897354138a3d2eba06366a0eec83f
c5dea4ed42a4a7a6a529196ed2bce0b851aed9a53da0b5be33ef2c922473a9c2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_author/js/by_author.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 401
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/js/by_text.js?ver=5.8.6
103.130.216.99 200 OK 1.2 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/js/by_text.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 25b2f2624b53076aeb4ebf3d89ada361
c6adf72f952211162ad0411ff58bcb2ef61b0fda
d5f0be6cd86b40b9df1fa670942042ed37834a675fe22202ba3de737029f76f8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/js/by_text.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1190
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/color/js/html_types/color.js?ver=5.8.6
103.130.216.99 200 OK 802 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/color/js/html_types/color.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 7fbcdd1296c383b47a4e5238bcfca7b6
79d6edb7da8a5bf6a49c4f8a37e8a35a5bff990d
99e1d8211c3dcf632850e1decf0c7234bfcfb48c08513f08e260b5e6880f69bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/color/js/html_types/color.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 802
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=5.8.6
103.130.216.99 200 OK 493 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 5eeef37f8f41b6af74d178b1c2c32548
bedce25e366a05a14ff288b4d842d93f3ffc6e61
e5190d0d4fdf1dc7387e4f0eff61306bca8de431e3f68fbf1cd0713ab39f5162
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 493
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/products_messenger/js/products_messenger.js?ver=5.8.6
103.130.216.99 200 OK 528 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/products_messenger/js/products_messenger.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash b11234750ad7d9ef75f2cf15cce7e42a
c2571f0c9fb81c17f07a20f7be0af6124208214f
28d6ca9c3c8f7b4c1b4ea712216e8ee40a63c2ddd1cf72b680e5f8d4ba21d377
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/products_messenger/js/products_messenger.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 528
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_hierarchy/js/html_types/select_hierarchy.js?ver=5.8.6
103.130.216.99 200 OK 47 B URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/ext/select_hierarchy/js/html_types/select_hierarchy.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash f7423005be87e6a6a7ecca3ed0831e62
18dabb6a12cf7aecd29943c05562947904171119
7be7023c9b13baa4b87880d11049b1a34e2db125778a5ffcbe9e05590e766a00
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/select_hierarchy/js/html_types/select_hierarchy.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:55:47 GMT
accept-ranges: bytes
content-length: 47
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.min.js?ver=5.8.6
103.130.216.99 200 OK 8.1 kB URL HTTP/2 maihoangphotocopy.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.min.js?ver=5.8.6
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 0f7abf73fd4b5a1ecee0b3fa1cb2bdbd
f4e007e7b8a5e5d82e1c4028d3a4807528a2d4c4
6c19eaa6612ccd13dde776fb2448ae7e66bf9197f7a5eb69262ae81842018b59
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.min.js?ver=5.8.6 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 05:56:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8110
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
103.130.216.99 200 OK 351 B URL HTTP/2 maihoangphotocopy.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (316)
Hash c6f045d5e79f0a4f5ce90419ca598162
45d70af2ab1d5d4ff738afc052758a0242f31a00
e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-length: 351
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
103.130.216.99 200 OK 2.3 kB URL HTTP/2 maihoangphotocopy.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
File type ASCII text, with very long lines (6406), with no line terminators
Hash 0a5d2d9461ad0dc29cdb0fbab916277d
2705d5ae926519a3bd371ceb07d2851236331a76
46cc96bf94441771fa1b64edd72c60408c5fc863142234f1906238b363dc4325
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2308
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
cdn.autoads.asia/scripts/autoads-maxlead-widget.js?business_id=4FB6C15620B24521965F59F3D4D1CADB
171.244.15.40 200 OK 2.3 kB URL HTTP/1.1 cdn.autoads.asia/scripts/autoads-maxlead-widget.js?business_id=4FB6C15620B24521965F59F3D4D1CADB
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (6384), with no line terminators
Hash 40852cdf248e435f4ebc6a32850ee0d1
f3505ec06b6ba427d18a3711e3ce2e747b911571
b5f7a8a6e3e4832a374966166086f3d25a32808033bc73bc9fa7698b70661b1a
GET /scripts/autoads-maxlead-widget.js?business_id=4FB6C15620B24521965F59F3D4D1CADB HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Fri, 25 Dec 2020 10:59:07 GMT
Accept-Ranges: bytes
ETag: "808f2af7acdad61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 17:01:41 GMT
Content-Length: 2330
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn21_2; path=/
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 89d3b51d06a660181b023005fb2396a4
df0483119c2dfc20349c6aa00ddbc399e0ef03f0
51f52c22a57c3fbbdb9411641234063b9c8ce79a61a72fa81e7570ef2171220d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1220
Cache-Control: max-age=135817
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Etag: "6369f63c-1d7"
Expires: Thu, 10 Nov 2022 06:45:19 GMT
Last-Modified: Tue, 08 Nov 2022 06:25:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a9374206851834987bb6f42fdbde6965
1e7632ba7b83a2258cb88662d2fb2783d400dec3
854af7f8daaf516b72c709bf1c9e6ba2637431efac48d977c520440cb3b99dca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 1e7f4619f98cfbd1755955e1dadf03bd
ac60eae317448a096e9b6264c8d316774f7242a5
8945f3a030fa53848a569631d5aaae937a08ff86e41845437525b3919bacca3d
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7ee763b1f30845493b3aeb0fcc620f4b
etag: "a702c03e8bd982232f3bc81531dc20b0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Nov 2022 17:10:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Hn9GGfmM+9F1WVXh2t8DvQ==
x-fb-debug: TTiDZ+tjwVPWQzUwhhbMXJb0INBAPLDS7x1aLwFAljlgQDTAyf/v5o2FDVekmkqVhkJBXDt4M4HPu8U9XCRtSg==
priority: u=3,i
content-length: 1683
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 17:01:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/871540680/?random=1667926898838&cv=11&fst=1667926898838&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&auid=1429965341.1667926899&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162 200 OK 962 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/871540680/?random=1667926898838&cv=11&fst=1667926898838&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&auid=1429965341.1667926899&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2123), with no line terminators
Hash 2a26caf8d32ae8d57bf7c69db7642b7e
4b8abe4549293d7aa2146a3958bc25685fc6615a
0fbbde64228854cf3a23c4abeae19009102273b195c34207726c7b5796e51b1e
GET /pagead/viewthroughconversion/871540680/?random=1667926898838&cv=11&fst=1667926898838&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&auid=1429965341.1667926899&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 17:01:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 962
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 08-Nov-2022 17:16:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 89d3b51d06a660181b023005fb2396a4
df0483119c2dfc20349c6aa00ddbc399e0ef03f0
51f52c22a57c3fbbdb9411641234063b9c8ce79a61a72fa81e7570ef2171220d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1220
Cache-Control: max-age=135817
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Etag: "6369f63c-1d7"
Expires: Thu, 10 Nov 2022 06:45:19 GMT
Last-Modified: Tue, 08 Nov 2022 06:25:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-M8C75YTBPP&gtm=2oeb20&_p=1285299496&cid=1685707817.1667926899&ul=en-us&sr=1280x1024&_s=1&sid=1667926899&sct=1&seg=0&dl=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&dt=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-M8C75YTBPP&gtm=2oeb20&_p=1285299496&cid=1685707817.1667926899&ul=en-us&sr=1280x1024&_s=1&sid=1667926899&sct=1&seg=0&dl=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&dt=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-M8C75YTBPP&gtm=2oeb20&_p=1285299496&cid=1685707817.1667926899&ul=en-us&sr=1280x1024&_s=1&sid=1667926899&sct=1&seg=0&dl=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&dt=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://maihoangphotocopy.com
date: Tue, 08 Nov 2022 17:01:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 541f79932e9b70823c9df2abb81b7f66
e19592e5e6f207caf7320aa3182fcdefea067668
bf445d61f2e817128aa4016af47868b675560d8269bc8c9656ac808d8a10351f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=6b9aedf3ccafa26640acfaf7f7f934bc
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=6b9aedf3ccafa26640acfaf7f7f934bc
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash be63e6629301308114549871a72350a0
e7c0e8a7e37f80320007200d3b3a90fd6d48e26d
29b3ed4474afbf5405ee857484e79792fb78b5ada35eee64ae7d8619244e2224
GET /en_US/sdk.js?hash=6b9aedf3ccafa26640acfaf7f7f934bc HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4652de5d620a72b166e00b43d9b0cf3f
etag: "2a003f791ae325f674f0ff4cd0a174ac"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Nov 2023 13:36:22 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: vmPmYpMBMIEUVJhxpyNQoA==
x-fb-debug: XeY8BH4DYnV4flHjU+PT3ksyTJSIouA+TEp1Sr6LrTEIVKV/idTQmQJpz63Vw5nIaUCw22dJkKGtWGXhbAs0fQ==
content-length: 88352
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 3549d49ec9ef3b66f2f3da1f6172ef93
54fa67ac88099ed2d4cdf7e24c8b301c7a098d0b
0af6a29f343dcbc612e18ab821ae8555975e27c363d72205366a3c5bb85b7211
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/871540680/?random=1667926898838&cv=11&fst=1667926800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726915455&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/871540680/?random=1667926898838&cv=11&fst=1667926800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726915455&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/871540680/?random=1667926898838&cv=11&fst=1667926800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726915455&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 17:01:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/871540680/?random=1667926898838&cv=11&fst=1667926800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726915455&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/871540680/?random=1667926898838&cv=11&fst=1667926800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726915455&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/871540680/?random=1667926898838&cv=11&fst=1667926800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&tiba=Page%20not%20found%20-%20C%C3%94NG%20TY%20C%E1%BB%94%20PH%E1%BA%A6N%20THI%E1%BA%BET%20B%E1%BB%8A%20V%C4%82N%20PH%C3%92NG%20MAI%20HO%C3%80NG&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726915455&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 17:01:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 17:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=354913102523834&ev=fb_page_view&dl=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&rl=&if=false&ts=1667926899984&sw=1280&sh=1024&at=
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=354913102523834&ev=fb_page_view&dl=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&rl=&if=false&ts=1667926899984&sw=1280&sh=1024&at=
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=354913102523834&ev=fb_page_view&dl=https%3A%2F%2Fmaihoangphotocopy.com%2Faima%2Fqakbot.zip&rl=&if=false&ts=1667926899984&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 08 Nov 2022 17:01:43 GMT
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/eI-Z_8po6XG.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 5.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/eI-Z_8po6XG.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 64001d0d115194ba64aad8ad8c22102a
f1c49b8f3f36db11db9a8e1e367b9c735250c289
b345a4d95d4cb15f6cfe6b9c3273fc1923cb82bd59ab3bb1c0fddd2dbc33339e
GET /rsrc.php/v3/yH/l/0,cross/eI-Z_8po6XG.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 07 Nov 2023 19:29:33 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZAAdDRFRlLpkqtitjCIQKg==
x-fb-debug: eiJPQ3rCpk4ccoAcQ77gLB2sEKkGT804i5sKYvgjeJOcj2GBE+p0Fr0U7MJfmNqLqMaeKeSJpPCbIXL5pwgVGA==
priority: u=3,i
content-length: 5156
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 27 Oct 2023 19:33:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: g4bcggfqaqB6Bja//OmajfUrx0iD2yV41F2rYNqDegICxI5i6HgojQBI/xCVMRSxvmDHzQHeNxDWlSGFOXronA==
content-length: 827
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 6.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (8976)
Hash f18f13f03eb9d52cf83c0aded64079c1
179fdcc3bd0003cfcce42e26e8660556a6dc7c8d
eb3454aa82bab984d96df0c169a4d2fcc20b98d50f2b96eef42452aa1f139d54
GET /rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 06:44:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8Y8T8D651Sz4PAre1kB5wQ==
x-fb-debug: Rzk/1GGEiuBO9gjVnAQIuWuLzZA5tJO0L1pusC7YsWeFN+o+2tC1jGeq8wmsrMw5VTTBbaQTy2Oxoi90QRdbiA==
content-length: 6445
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/fmCWVMZE2Pj.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.9 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/fmCWVMZE2Pj.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type assembler source, ASCII text, with very long lines (2642)
Hash 863a76c925d1cd58e6f9301040c180d8
77823bb1c32859a0af0a6e986df408fe42355e7f
225148698525a9513019ac31d4e073ab34c47020c2b9bc3e7a282dfada6ef859
GET /rsrc.php/v3/yF/l/0,cross/fmCWVMZE2Pj.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 00:18:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: hjp2ySXRzVjm+TAQQMGA2A==
x-fb-debug: ECS+VnOFTTDg7suhsOsk0xY14LhZ7/1n9/5F6ASvr5pTMQXtmdGoP3xEWIytHjGNnZTkfJHYPU4P8z3DbgnIrQ==
priority: u=2
content-length: 4918
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18630)
Hash 2735f6f13ab0e68d5d21650e8d76d90d
fac3c804bd2c335c0c6aa615a0f6bd9197d5ed87
1744afaa9fc41238e9cfa2073844a8c1ed9c80093e5f1555fc93acfbec268b5d
GET /rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 01:32:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JzX28Tqw5o1dIWUOjXbZDQ==
x-fb-debug: bC5+aa5Je0InC3pf1rVrCdTR4TP6lFHLdvrsN0ce1Cc3jv3cHGvzYTQToVx8+qOeVfHGmJ0JfNlleTuHo1Q+uQ==
content-length: 91137
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash ff2d2eee60e0c67cd2f5a88064e1739b
7f358686932b0d389e033443b60ffefa22115e2e
adfde198ab91ca51a572f6c857570fb93f33f7ae665d5b2dc45d041ccbdec431
GET /rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 18:54:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /y0u7mDgxnzS9aiAZOFzmw==
x-fb-debug: u0ErtjzKSWyT9AkarcT9SHjB4/8h/uqL/185UEMWktiYoif9mxfqfQ0rqXGbXKwwAnF0CGMSHrfxyLyD1Ub9Zw==
priority: u=3,i
content-length: 12270
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8749)
Hash c2b0fc32b893b1c243b3a27bcc5799cd
a9a85686e79bf7bba56cf1a7883b89447096eb54
f84f8dc2511cfbed3abe4ae7dd9c8e02c02260e0824eddaf69f2d54f3994a726
GET /rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 05 Nov 2023 03:23:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wrD8MriTscJDs6J7zFeZzQ==
x-fb-debug: ZeaG4nczRFV9qJrZM59ZmYklxtldDRvk75b6fH34gkz1gMCEFsaTtetQwAT3aF82JRPYbxFDD5vVyCK2+3MHGg==
priority: u=3,i
content-length: 16259
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41977)
Hash e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4
GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 19:19:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: A69DPQXhkxcqr8dhq9gxsPnfUKmSBxAmHB1DiK5n9OBFY9YKN4sHzuSG6TTw/KAmtV3VGX6Zl/E3RELd2smEhA==
priority: u=3,i
content-length: 23273
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y_/r/wTglN12iuj9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y_/r/wTglN12iuj9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10494)
Hash 7a251324c979f281c33a391e28e632b5
d923ec35e14b92409ad05bed1ff3a018a10edb4e
3508e37a9692eac38f87221db9769070a336586c499a49c80b1b6fdf2d111c58
GET /rsrc.php/v3/y_/r/wTglN12iuj9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 06:45:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: eiUTJMl58oHDOjkeKOYytQ==
x-fb-debug: AswBv4pVAxG8MkcovIF8KNGw7E3tjgVbc2E8fb60hQlg1iVYNeYHKYf73/PR3fzitQW528N6ApzJT2w2s778pQ==
content-length: 8632
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9885)
Hash 0eaa197a5c011011e1489f411b042249
9ba134dd641bbbc6ce70619ccd94f5d5ef47a899
145cfec975ec864e6589409173f8f9fee2a59faf0ce28c42889897e812ab9ac4
GET /rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 31 Oct 2023 20:10:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DqoZelwBEBHhSJ9BGwQiSQ==
x-fb-debug: yFSTPf9aHCGcyulbBG2ye1uEtO6uRbNdzUijFwGA9MyDesJEtfw60dXhmic10Dug+H1qEox4CIVne1nj6DcCzg==
content-length: 8222
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 27 Oct 2023 20:08:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: C8ru5zkRydgvHeANSR5CCnJiMJOKT/Cn1D/peSgWNQK5UFwPIyoKe+MHTJeZ5YMaL9iMR1r/NPoYeX9Euxr11g==
priority: u=3,i
content-length: 338
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash 950c261533c6a05f36c3ec2562963ecb
65cbaffa72eb8dafe5b43aec833435170c02b15d
4c9b051d6cba504010fc8ebdba2ca7da807224e44ad7e9798bb25b90069a3e11
GET /rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 31 Oct 2023 20:10:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lQwmFTPGoF82w+wlYpY+yw==
x-fb-debug: 13t86O1M9DDsMwuTuYJ9iHHjy1D4DmDIoaZn1iZikhDq39+hHiXsu3jXeEJGr8g98egndLLqFp4sag+ChL7QYw==
content-length: 7089
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ivrH4/yL/l/en_US/PRLdM6JdoNy.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 80 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ivrH4/yL/l/en_US/PRLdM6JdoNy.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5723)
Hash 413933603fd11a27c002609b51c209a4
93b39cfbc87cf1f800567c1df6c5b67b62d6442b
dcaf00742c5e8f1f1c657a11381ea53b7b0799ca7ab4a058761e4fe856a387b0
GET /rsrc.php/v3ivrH4/yL/l/en_US/PRLdM6JdoNy.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 06:18:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QTkzYD/RGifAAmCbUcIJpA==
x-fb-debug: Qy5cPypoM7yS+5vuORQCbPlOL7Wzjn6IdUB4HlfstXLPVzDqVT68Btz00GkkHpliWK93G6TtdmnOpJz+LrUvMA==
priority: u=3,i
content-length: 79899
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yd/r/zge0LHF8dqs.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 19 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yd/r/zge0LHF8dqs.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (8610)
Hash 71784d64e0730a4231030112bc940424
e3e7d4984225fdbf12dbad61346e907cd35f71e4
8b5aa4ccf01ce902d15f71da668eefe12f44c12626415446e1720992f2c56094
GET /rsrc.php/v3/yd/r/zge0LHF8dqs.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 02:42:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cXhNZOBzCkIxAwESvJQEJA==
x-fb-debug: of7wzu3jYEJMPPwjdxt9dlZ+JyntVBdyTSg4ayv5c+O6v86H8j/WmjJR4jsmOJwS/QOpRYL483Avd8mxE2scdg==
priority: u=3,i
content-length: 19177
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3izWV4/yc/l/en_US/qk2dbOUObQD.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 42 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3izWV4/yc/l/en_US/qk2dbOUObQD.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (10798)
Hash 24cc936ff0eabfc4589221f7809fc1b5
61fc32f0b4d1c334a4758e82a134cf9703f1a31a
72a7583ee4d7946e0cb75d3d8b1c3a678366ee62756943e33dc5e8598b40e618
GET /rsrc.php/v3izWV4/yc/l/en_US/qk2dbOUObQD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 03:05:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JMyTb/Dqv8RYkiH3gJ/BtQ==
x-fb-debug: OI6Ws2rrwyxXA/uaGFwlo9v7IncPoT3H2ZQyxK5r1LObiGkNY3r3mB9EehyeoL3ZaT8IhZ5aXMwgzEHahIFE7Q==
priority: u=3,i
content-length: 42020
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4061)
Hash d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d
GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 18:54:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: nETVm4WUsTBjWzPPz30+NcQ/dUZibWclH+7BC3skx38X1frzgZPa413yNFDo1GF9yx7utvfMwnrRvZAKq6brWw==
content-length: 7236
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yt/r/le0xof4l-2d.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 48 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yt/r/le0xof4l-2d.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (5068)
Hash cfadf35053954c5dc9bb7bb30a9515b0
24da4eb686b1af084c6b4319362eea530cdf956f
2718da42f1b9c0f8f3e3b085105b6b3419b659d5bd648420c3abb43d479efaa5
GET /rsrc.php/v3/yt/r/le0xof4l-2d.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 22:45:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: z63zUFOVTF3Ju3uzCpUVsA==
x-fb-debug: TeBGgO/WtckfJ0cqQCIVCdOaLYPdKzmgQ32tU177uiIdH5P74Fu7fIKLaOaAWIFKYxX2/baINZ4wsfbAarhrBQ==
priority: u=3,i
content-length: 48097
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yI/r/gczkeIw2IoN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 760 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yI/r/gczkeIw2IoN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (618)
Hash c6b205adbfcb0dbb16aad47f1936afe2
727e7921e9ce632e744bf9947c9900cab5f07237
b7f71557aa65acef460826f273569fe8dbb7283844b18995c30a27d181ba8f89
GET /rsrc.php/v3/yI/r/gczkeIw2IoN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 02 Nov 2023 18:54:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: xrIFrb/LDbsWqtR/GTav4g==
x-fb-debug: HGW/a/MKWDghkRPtzm7QhfHINKMO9zjnCbPZ00azYu99srQ2CzZKjHsQr2/p0b8WbX+YSIVtFlbBE9b1oLqyLg==
content-length: 760
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/FXh81Rcprpm.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 8.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/FXh81Rcprpm.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4651)
Hash 889b9b334243c8e29c7afb6046d90ed3
14ba0f0bd2c230548e6123f3d2d463ce339c2e69
8ae1c936f6d62473d56e1ea69df5877e5d9b92a8b86d9490f5de40498e3097a4
GET /rsrc.php/v3/yJ/r/FXh81Rcprpm.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 07 Nov 2023 19:28:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iJubM0JDyOKcevtgRtkO0w==
x-fb-debug: CNCrd4BZiLrDV7n0K1lhkxNNjgWyETborQpPo2TSVd+BC0QWe8uhMi+lyzhpbAKQ0TPrFDSna8RMigKkcy9BDw==
priority: u=3,i
content-length: 7975
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/Y1Vj4wvi23s.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 3.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/Y1Vj4wvi23s.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4488)
Hash 64e49c34f30d6183fd9c5f6cee967f5c
9197478fcdda35e040fa7e6190b7427e11b535df
a95c113c157591cafb76092d133d210d56f0446432d572eb1a1160c024bfeb54
GET /rsrc.php/v3/y6/r/Y1Vj4wvi23s.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 03:05:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZOScNPMNYYP9nF9s7pZ/XA==
x-fb-debug: XMj8Yma38+IVGm3NTsUEfLOv1s7bFyeiFB3HEYDPs4j64bvN4OCQWc05teqByOm5BAIWL1A0wdPdcSB2Q4ql1Q==
priority: u=3,i
content-length: 3827
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 15 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (56534)
Hash e266a3ccc2395fbcb9ddc3e5cf3fe8a4
eb22fd1e27291f601742a4da697539e046b72de5
ea280deb9b1274ac87adf23d5b5f523079d776271b910ee945d0127a2dea806d
GET /rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 31 Oct 2023 20:10:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4majzMI5X7y53cPlzz/opA==
x-fb-debug: I5IU0N1yPAYYR78xtAdt+6x/vIJQIib+BkSkmcCjKjOT3TAt+SFqz8AQPlZNmnbwzwmTCkKYdKYMoJysLxXv8A==
priority: u=1,i
content-length: 15209
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 17:01:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
maihoangphotocopy.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
103.130.216.99 200 OK 471 B URL HTTP/2 maihoangphotocopy.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
IP 103.130.216.99:0
ASN #135951 Webico Company Limited
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79 HTTP/1.1
Host: maihoangphotocopy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/aima/qakbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 17:01:42 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 10:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3713
date: Tue, 08 Nov 2022 17:01:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
cdn.autoads.asia/maxlead/1.6.x/scripts/autoads-maxlead-widget.js?business_id=4fb6c15620b24521965f59f3d4d1cadb
171.244.15.40 200 OK 59 kB URL HTTP/1.1 cdn.autoads.asia/maxlead/1.6.x/scripts/autoads-maxlead-widget.js?business_id=4fb6c15620b24521965f59f3d4d1cadb
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65179), with no line terminators
Hash f781644d9fbf52d7c186c7080045451b
5121c43a966b320a44d03e1c040da1066fc44bd6
e11d0b7a24c02f47b12ba1b24cc84c06de6303776e30b5d4c4c0ce1838836a8b
GET /maxlead/1.6.x/scripts/autoads-maxlead-widget.js?business_id=4fb6c15620b24521965f59f3d4d1cadb HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Fri, 01 Jul 2022 06:58:59 GMT
Accept-Ranges: bytes
ETag: "80fbc39188dd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 17:01:43 GMT
Content-Length: 59409
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn20_1; path=/
cdn.autoads.asia/PushNotification/AutoAdsPushNotifyNoneSDK.js
171.244.15.40 200 OK 3.9 kB URL HTTP/1.1 cdn.autoads.asia/PushNotification/AutoAdsPushNotifyNoneSDK.js
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (11551), with no line terminators
Hash 52b239b7673761fa8324e791f38d7965
aa4c156bc467bda13d39041cf0e65c37dad79f6c
9946bf813a718803389020246cd92a358194f570c71cb1e03534a76ceccdf2fe
GET /PushNotification/AutoAdsPushNotifyNoneSDK.js HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Wed, 24 Feb 2021 08:56:27 GMT
Accept-Ranges: bytes
ETag: "806f76ef8aad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 17:01:44 GMT
Content-Length: 3875
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn20_2; path=/
cdn.autoads.asia/maxlead/1.6.x/content/aml-widget.min.css?v=1.6.x
171.244.15.40 200 OK 17 kB URL HTTP/1.1 cdn.autoads.asia/maxlead/1.6.x/content/aml-widget.min.css?v=1.6.x
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
Hash 4e7c81d7a6b9f2cabc4f55b881bb6bf8
9cfc7c40f4c06a37f5a2bd78248934e8418f2aa1
b1bfb795690979f3be4e5032cce3be90d46b0d930b988ccf658d491cfdc8ee51
GET /maxlead/1.6.x/content/aml-widget.min.css?v=1.6.x HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/css
Content-Encoding: gzip
Expires: -1
Last-Modified: Thu, 08 Jul 2021 06:50:54 GMT
Accept-Ranges: bytes
ETag: "05bcc98c573d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 17:01:44 GMT
Content-Length: 16408
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn20_1; path=/
api.autoads.asia/maxlead/api/widget/getdata?business_id=4fb6c15620b24521965f59f3d4d1cadb&previewToken=
171.244.15.40 200 OK 0 B URL HTTP/1.1 api.autoads.asia/maxlead/api/widget/getdata?business_id=4fb6c15620b24521965f59f3d4d1cadb&previewToken=
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /maxlead/api/widget/getdata?business_id=4fb6c15620b24521965f59f3d4d1cadb&previewToken= HTTP/1.1
Host: api.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-enter-journey,x-maxlead-ismobile,x-maxlead-ispostback
Referer: https://maihoangphotocopy.com/
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://maihoangphotocopy.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-enter-journey,x-maxlead-ismobile,x-maxlead-ispostback
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 08 Nov 2022 17:01:44 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=api21_1; path=/
api.autoads.asia/maxlead/api/widget/getdata?business_id=4fb6c15620b24521965f59f3d4d1cadb&previewToken=
171.244.15.40 200 OK 5.8 kB URL HTTP/1.1 api.autoads.asia/maxlead/api/widget/getdata?business_id=4fb6c15620b24521965f59f3d4d1cadb&previewToken=
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5567), with no line terminators
Hash 0f09ab64a4ca7357ce0d4ee9b9ec89ff
fee20f26b4ba6d39af6df03783efee787e619882
a9782a8516f6cc9aefc28644431b8be47efa8b0f050adbdc7fa33e7abbbd4f78
POST /maxlead/api/widget/getdata?business_id=4fb6c15620b24521965f59f3d4d1cadb&previewToken= HTTP/1.1
Host: api.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
X-MaxLead-IsPostBack: false
X-MaxLead-IsMobile: false
X-Enter-Journey: null
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://maihoangphotocopy.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 08 Nov 2022 17:01:44 GMT
Content-Length: 5816
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=api21_1; path=/
alpha2.autoads.asia/js/autoads-tracking.js
171.244.15.40 200 OK 1.8 kB URL HTTP/1.1 alpha2.autoads.asia/js/autoads-tracking.js
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 85c5ad182c81536e92f204bc0c63f4a4
9b3f06b6bdb62c549e5340b072b2ae37c6f95de6
2555da6178104f7afe86a4d4d5a28b2026d98534d939fe336212c5d9f30ca5e0
GET /js/autoads-tracking.js HTTP/1.1
Host: alpha2.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Mon, 03 May 2021 08:05:54 GMT
Accept-Ranges: bytes
ETag: "05dbe23f33fd71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 08 Nov 2022 17:01:44 GMT
Content-Length: 1835
Strict-Transport-Security: max-age=31536000
cdn.autoads.asia/maxlead//themes/tracking/index.html?origin=aHR0cHM6Ly9tYWlob2FuZ3Bob3RvY29weS5jb20=&url=aHR0cHM6Ly9tYWlob2FuZ3Bob3RvY29weS5jb20vYWltYS9xYWtib3Quemlw&websiteId=57373&uid=&hasLead=false
171.244.15.40 200 OK 1.7 kB URL HTTP/1.1 cdn.autoads.asia/maxlead//themes/tracking/index.html?origin=aHR0cHM6Ly9tYWlob2FuZ3Bob3RvY29weS5jb20=&url=aHR0cHM6Ly9tYWlob2FuZ3Bob3RvY29weS5jb20vYWltYS9xYWtib3Quemlw&websiteId=57373&uid=&hasLead=false
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash ff646fe3baf026018cd26eb937ff0742
638784c59eaa6ab4af08a410b55a16d247b0808d
0ff7e81183e0fa8d5126b9104246492b1c99f175ec2ce4f4a1d190593af5f0f3
GET /maxlead//themes/tracking/index.html?origin=aHR0cHM6Ly9tYWlob2FuZ3Bob3RvY29weS5jb20=&url=aHR0cHM6Ly9tYWlob2FuZ3Bob3RvY29weS5jb20vYWltYS9xYWtib3Quemlw&websiteId=57373&uid=&hasLead=false HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Content-Encoding: gzip
Expires: -1
Last-Modified: Mon, 05 Jul 2021 08:22:10 GMT
Accept-Ranges: bytes
ETag: "06582d97671d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 17:01:44 GMT
Content-Length: 1748
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn21_1; path=/
api.autoads.asia/pushnotification/api/v1/GetPushConf?business_id=4FB6C15620B24521965F59F3D4D1CADB
171.244.15.40 200 OK 408 B URL HTTP/1.1 api.autoads.asia/pushnotification/api/v1/GetPushConf?business_id=4FB6C15620B24521965F59F3D4D1CADB
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Hash 29fcf6f0e9970e6bc54996075db94de4
5ad15b416709b26cd903c36fdbc6348f7d61bc8c
9a738386a4cc8d952749b6a19bb05f3e044a9a1a3f8f5dcc43e6a8e297dbf61b
GET /pushnotification/api/v1/GetPushConf?business_id=4FB6C15620B24521965F59F3D4D1CADB HTTP/1.1
Host: api.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://maihoangphotocopy.com/
Origin: https://maihoangphotocopy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 408
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://maihoangphotocopy.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 08 Nov 2022 17:01:45 GMT
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=api21_1; path=/
cdn.autoads.asia/maxlead/1.6.x/scripts/collect.js
171.244.15.40 200 OK 752 B URL HTTP/1.1 cdn.autoads.asia/maxlead/1.6.x/scripts/collect.js
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c675f50251e6564e08ff607c0e8030db
f7d96ba52170754c9c1ee7fa2c34768d9dc2ab8a
d8b850dba505dd03d17d6ce211b8e8fb385f1fd512d529d2814a2b7387a1c2ca
GET /maxlead/1.6.x/scripts/collect.js HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Cookie: __autoads_identity=76d26be2-b222-4afd-8288-6fdfa783b613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Thu, 19 May 2022 10:08:16 GMT
Accept-Ranges: bytes
ETag: "72f1735b686bd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 17:01:45 GMT
Content-Length: 752
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn21_2; path=/
www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=354913102523834&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39c96621ffd344%26domain%3Dmaihoangphotocopy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmaihoangphotocopy.com%252Ff190a699a9948%26relation%3Dparent.parent&container_width=328&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCongtycophanthietbivanphongmaihoang%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=354913102523834&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39c96621ffd344%26domain%3Dmaihoangphotocopy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmaihoangphotocopy.com%252Ff190a699a9948%26relation%3Dparent.parent&container_width=328&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCongtycophanthietbivanphongmaihoang%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false
IP 31.13.72.36:0
GET /v8.0/plugins/page.php?adapt_container_width=true&app_id=354913102523834&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39c96621ffd344%26domain%3Dmaihoangphotocopy.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmaihoangphotocopy.com%252Ff190a699a9948%26relation%3Dparent.parent&container_width=328&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCongtycophanthietbivanphongmaihoang%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5p5LhtfOVQINbA84goZZRb+BWy2SPBGJ/L1dA63ts11bYo2z1MYqE4DcQYBuJlma3WcueE2pzpUkrqAgAIjtRw==
date: Tue, 08 Nov 2022 17:01:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP 142.250.74.10:0
GET /css?family=Roboto%3Aregular%2C700%2Cregular%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maihoangphotocopy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 17:01:41 GMT
date: Tue, 08 Nov 2022 17:01:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2