firefox.settings.services.mozilla.com/v1/
13.224.132.78200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.132.78:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 19:05:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0d28fd7b073340c78cdcd5a3e2e0fe5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: BWHRXQBgDLCm4pbYclu7uBAzQfk7O7MFa2Tf9oWseVe0N58ZtFd1IQ==
Age: 3026
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7728
Expires: Sat, 24 Sep 2022 22:04:58 GMT
Date: Sat, 24 Sep 2022 19:56:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.132.85200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.132.85:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 ce730d33091c8015848f9f46f438eab2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: RnR7w0KgKT3jNHCFoATqEMhcZD4iCQs__UkV4Om62ZZxGpyvTsgtyA==
age: 56588
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
daominhha.com/
61.14.232.45301 Moved Permanently 230 B IP 61.14.232.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 338cc50f2a80c17a836a21313e1282e3
bb2631e6a7aa630321f52e99b3012f9649744c77
e44363c862aff71cf5dfba0125640c6bf6526ead713aa9754edf7457b3623181
GET / HTTP/1.1
Host: daominhha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Apache
Date: Sat, 24 Sep 2022 19:56:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 230
Connection: keep-alive
Location: https://daominhha.net/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.132.78200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.132.78:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 19:20:46 GMT
Expires: Sat, 24 Sep 2022 19:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0d28fd7b073340c78cdcd5a3e2e0fe5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: s3gLDqtuBqzDsWJiZoYFJgtTStTWB-ilv1gilQ6xTMLxwW575qNXTQ==
Age: 2125
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:11 GMT
Last-Modified: Sat, 24 Sep 2022 19:36:35 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4cdac3d5f5ced81892aff0ff1528055f
cff543ea0779d5792800e3af254ac9f1583be48f
08c000037e8c43c4a38f9cc80c24561bdd4f1781b4414f8075e7619bc1418e45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08C000037E8C43C4A38F9CC80C24561BDD4F1781B4414F8075E7619BC1418E45"
Last-Modified: Thu, 22 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4039
Expires: Sat, 24 Sep 2022 21:03:30 GMT
Date: Sat, 24 Sep 2022 19:56:11 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.146.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VV2CI7DkM4PaSg/HTV7ATg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ew6M6a53FYn++z1mCVydfseYjYU=
daominhha.net/
103.97.124.72200 OK 38 kB IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42196), with CRLF, LF line terminators
Hash 582b667f747c153ec637a3eeaeb673d2
cf714147edd5411c01e700992a8fd135345ff039
a14c2c9d6b41c4d7a48e9ac5ce33759a1e5bf53661fc03c6a5a0fedd6de6b67c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:11 GMT
content-type: text/html; charset=UTF-8
content-length: 37826
vary: Accept-Encoding,User-Agent
last-modified: Sat, 24 Sep 2022 19:05:11 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: Sat, 24 Sep 2022 19:56:11 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-183268939-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-183268939-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 2bf189c1d8770cfd6e42cc639da085d0
93bf360aab082144994f9e52454bf8ac4c4fa1c8
5b5d4f011e4f3b1f1e85f7139c6cb31f2b48278a2a5876f490af02083cf801f5
GET /gtag/js?id=UA-183268939-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 19:56:12 GMT
expires: Sat, 24 Sep 2022 19:56:12 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
daominhha.net/wp-content/plugins/ajax-search-pro/css/fonts/icons/icons2.woff2
103.97.124.72200 OK 2.3 kB URL HTTP/2 daominhha.net/wp-content/plugins/ajax-search-pro/css/fonts/icons/icons2.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 2348, version 1.0\012- data
Hash 83b6052cdcd55044e06bc99f5e316e28
b82570b3c5b64545f3b92f8e49dbe796ed72e015
df5fb895368d354c17a502e398cee9417d531377fb273443bc60e6fc8e39cb82
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ajax-search-pro/css/fonts/icons/icons2.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: application/octet-stream
content-length: 2348
last-modified: Sun, 03 Apr 2022 15:38:44 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:12 GMT
etag: "6249bf84-92c"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
103.97.124.72200 OK 84 kB URL HTTP/2 daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with very long lines (61786)
Hash f87ecd4e0484b96495b054bf5fc562ac
a01d3c086515bc3f20ee369a84528068f008e33f
a89546996601477c53764c06470d3b119f1b8208e583e59afddbb07077fd9ba9
GET /wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: text/css; charset=utf-8
content-length: 83840
last-modified: Fri, 23 Sep 2022 03:43:17 GMT
vary: Accept-Encoding
cache-control: max-age=31536000, public
expires: Sun, 24 Sep 2023 19:56:12 GMT
etag: "632d2b55-14780"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:56:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:56:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:56:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:56:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 19:56:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 79025
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 56615
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 79151
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 79157
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 79343
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 79417
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2022/01/download-dying-light-2-stay-human-full-crack-daominhha-380x214.jpg
103.97.124.72200 OK 17 kB URL HTTP/2 daominhha.net/wp-content/uploads/2022/01/download-dying-light-2-stay-human-full-crack-daominhha-380x214.jpg
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 380x214, components 3\012- data
Hash 47305d57264c1663feae54418339041d
dff1c200e4502a34f9179b5d04def4be08bdc44d
b38e88d2279cef4a1a1499575c5a3a0281affb120fdd18cdf10670017f0283a1
GET /wp-content/uploads/2022/01/download-dying-light-2-stay-human-full-crack-daominhha-380x214.jpg HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: image/jpeg
content-length: 16847
last-modified: Sun, 16 Jan 2022 06:53:42 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:12 GMT
etag: "61e3c0f6-41cf"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2021/04/download-Far-cry-6-full-crack-daominhha-380x214.jpg
103.97.124.72200 OK 17 kB URL HTTP/2 daominhha.net/wp-content/uploads/2021/04/download-Far-cry-6-full-crack-daominhha-380x214.jpg
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 380x214, components 3\012- data
Hash cf35639728ac885919b62e07e8e02072
a13669b3a15b1e471cf6a46fa124c27f9df05f7e
b7a0e93c0cdee5fed2f07e29056cad0704d46c645e471913f416da4f328036b8
GET /wp-content/uploads/2021/04/download-Far-cry-6-full-crack-daominhha-380x214.jpg HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: image/jpeg
content-length: 16778
last-modified: Mon, 27 Sep 2021 02:24:07 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:12 GMT
etag: "61512b47-418a"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2022/01/download-ELDEN-RING-full-crack-daominhha-378x220.jpg
103.97.124.72200 OK 16 kB URL HTTP/2 daominhha.net/wp-content/uploads/2022/01/download-ELDEN-RING-full-crack-daominhha-378x220.jpg
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 378x220, components 3\012- data
Hash f2691697c6a63541d5e94960129d7572
8174dabec8ce0a004450f0b3a7ff37de721157cd
c3c2e38e99536eb4894f3963bc464d4f56c99d135002ec738f6d14a497cfe421
GET /wp-content/uploads/2022/01/download-ELDEN-RING-full-crack-daominhha-378x220.jpg HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: image/jpeg
content-length: 16472
last-modified: Sun, 16 Jan 2022 07:04:35 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:12 GMT
etag: "61e3c383-4058"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2021/04/tai-mien-phi-Together-BnB-full-crack-daominhha-380x218.jpg
103.97.124.72200 OK 14 kB URL HTTP/2 daominhha.net/wp-content/uploads/2021/04/tai-mien-phi-Together-BnB-full-crack-daominhha-380x218.jpg
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 380x218, components 3\012- data
Hash aeb0bf5bb37879b3ee7b4cc693b0f969
e102bc573e8c3adda8ac107b286c543ac3fa918b
419675bca1b0b03111452d72e41ab44e72d90e4122e1e20d0ff81f2dc8078dc2
GET /wp-content/uploads/2021/04/tai-mien-phi-Together-BnB-full-crack-daominhha-380x218.jpg HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: image/jpeg
content-length: 13998
last-modified: Mon, 27 Sep 2021 02:24:09 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:12 GMT
etag: "61512b49-36ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2020/12/Sands-of-Salzaar-380x218.jpg
103.97.124.72200 OK 18 kB URL HTTP/2 daominhha.net/wp-content/uploads/2020/12/Sands-of-Salzaar-380x218.jpg
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 380x218, components 3\012- data
Hash 7c7b9fd4f3f2dfd9ed57a441b55827b8
24d28cd39b113b9db14e2759538178178f76d8ea
438272630e4904901d67a10aa1630149de1149eadd4c9786e5cf856ff49617c5
GET /wp-content/uploads/2020/12/Sands-of-Salzaar-380x218.jpg HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: image/jpeg
content-length: 17922
last-modified: Mon, 27 Sep 2021 02:36:33 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:12 GMT
etag: "61512e31-4602"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2022/01/free-download-Sifu-full-crack-daominhha.com_-313x220.png
103.97.124.72200 OK 88 kB URL HTTP/2 daominhha.net/wp-content/uploads/2022/01/free-download-Sifu-full-crack-daominhha.com_-313x220.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 313 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash be7cf1f7e52f0ef3154f0254ea4740e3
c66d5458207f4e8c3adc20f9b454ad4fcedebb6e
2a6cf675b4be077c522d31bd9782739e303240cf1e5d2a27cc9483070325adad
GET /wp-content/uploads/2022/01/free-download-Sifu-full-crack-daominhha.com_-313x220.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: image/png
content-length: 88522
last-modified: Fri, 28 Jan 2022 06:38:18 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:12 GMT
etag: "61f38f5a-159ca"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-regular.woff2
103.97.124.72200 OK 43 kB URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-regular.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 43236, version 1.0\012- data
Hash a9557eb451f17dcd8e687327ea9383a0
78ad7ac0d04e1c0439c26d47978622b5b75b472a
2e3b1d34ac67763ab50652da19305d4b3694c6b6e6bf35f4b98411ce4af646d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-regular.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: application/octet-stream
content-length: 43236
last-modified: Fri, 05 Feb 2021 07:41:12 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:13 GMT
etag: "601cf698-a8e4"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/images/overlay.png
103.97.124.72200 OK 211 B URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/images/overlay.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 2 x 2, 1-bit colormap, non-interlaced\012- data
Hash 0a3750e6fdb29fcd632e627e2fc34dde
7c046ea4b1669da4eb81acccd7fc58b00201543d
5ddb13e84c10a1b7a773f0580f2997c3b5e91d1c2227fc1313c5991429442657
GET /wp-content/themes/hncgamingtheme/images/overlay.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 211
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Sat, 26 Dec 2020 19:16:32 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-600.woff2
103.97.124.72200 OK 45 kB URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-600.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 44936, version 1.0\012- data
Hash 97593b89e95959c7f41c47cf407d1f63
714db8a8c2f2425dbe450f83ff25c51cefd244d6
486c67592731a0b36a89dba1fd0b97aeb73f236bbf60dbf28d7c6b5723c07989
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-600.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: application/octet-stream
content-length: 44936
last-modified: Fri, 05 Feb 2021 07:41:12 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:13 GMT
etag: "601cf698-af88"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/assets/fontawesomepro-5130/webfonts/fa-solid-900.woff2
103.97.124.72200 OK 142 kB URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/assets/fontawesomepro-5130/webfonts/fa-solid-900.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 141600, version 331.524\012- data
Size 142 kB (141600 bytes)
Hash 16e9dbeb2afd22d5cf0e7eeb2b2879ae
91689c405037a6cc57058a8738324bd762cf5c2b
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hncgamingtheme/assets/fontawesomepro-5130/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: application/octet-stream
content-length: 141600
last-modified: Tue, 10 Nov 2020 20:51:44 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:13 GMT
etag: "5faafd60-22920"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-700.woff2
103.97.124.72200 OK 45 kB URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-700.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 44988, version 1.0\012- data
Hash 17c283b4e785e073ec09dc72acebafac
42b7e1929f00cdcdc7d84878153338875b4fbb6a
c22fe8c70c36f1d862903b772eaed864d3a8fa849473c9caff224fdb852428e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-700.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: application/octet-stream
content-length: 44988
last-modified: Fri, 05 Feb 2021 07:41:12 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:13 GMT
etag: "601cf698-afbc"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-italic.woff2
103.97.124.72200 OK 41 kB URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-italic.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 41076, version 1.0\012- data
Hash eaa7773c89001e5b4bca5092c248df2d
d2e926aa5086e82bda8b3a97d4c53392ed18c63c
6c9463f7096c0b9d610e095ed248ac1e8a8da7e92d17e9be544f3baced7b62b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hncgamingtheme/assets/fonts/open-sans-v18-vietnamese_latin-ext_latin-italic.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: application/octet-stream
content-length: 41076
last-modified: Fri, 05 Feb 2021 07:41:12 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:13 GMT
etag: "601cf698-a074"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/assets/fontawesomepro-5130/webfonts/fa-brands-400.woff2
103.97.124.72200 OK 77 kB URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/assets/fontawesomepro-5130/webfonts/fa-brands-400.woff2
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 76636, version 331.524\012- data
Hash a0f6b35c2b55babc93cb9b15791a1d4c
bd5cea4fa49feb29a336ee8623b46f8eb5c235b3
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hncgamingtheme/assets/fontawesomepro-5130/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daominhha.net/wp-content/cache/min/1/e397c62a6e9d8523772a2f726b32e06e.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: application/octet-stream
content-length: 76636
last-modified: Tue, 10 Nov 2020 20:51:44 GMT
cache-control: max-age=2592000
expires: Mon, 24 Oct 2022 19:56:13 GMT
etag: "5faafd60-12b5c"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2020/12/logonew.png
103.97.124.72200 OK 6.2 kB URL HTTP/2 daominhha.net/wp-content/uploads/2020/12/logonew.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 420 x 77, 8-bit colormap, non-interlaced\012- data
Hash 3fa5d6d612f0c234719ffe1650b673f0
42c2a6f7b390b073ff6e8d1a3dc106ae66ced38e
c113b2921b35d0a9551cf6e2aac580cd6f5664c85cba4be9cfc73c47b552efed
GET /wp-content/uploads/2020/12/logonew.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 6179
last-modified: Mon, 27 Sep 2021 03:17:18 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "615137be-1823"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2021/01/icon-game-moi-7.png
103.97.124.72200 OK 8.3 kB URL HTTP/2 daominhha.net/wp-content/uploads/2021/01/icon-game-moi-7.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Hash e76a78dffc300e41dfe2f4fb43c42d27
d8edd3a22dc270d08dc6ee1d6ab257f515214b8d
62c8621242d66f8108c536773702193694cbaca251c2733f9d84693d6938331e
GET /wp-content/uploads/2021/01/icon-game-moi-7.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 8291
last-modified: Mon, 27 Sep 2021 02:41:40 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "61512f64-2063"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2022/07/banner-lam-nhiem-vu.png
103.97.124.72200 OK 386 kB URL HTTP/2 daominhha.net/wp-content/uploads/2022/07/banner-lam-nhiem-vu.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 1140 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 386 kB (386046 bytes)
Hash cba1cddb7a7d0ce926b913e9f06966c8
c3b86a7ae8eada2796d5d2920337edaa96ffbf07
6078607a7915172fee95f61d440a84b4004971cd62bcd9ccaa5872a9690b807a
GET /wp-content/uploads/2022/07/banner-lam-nhiem-vu.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 386046
last-modified: Fri, 08 Jul 2022 09:28:21 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "62c7f8b5-5e3fe"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2021/01/icon-game-moi-3.png
103.97.124.72200 OK 20 kB URL HTTP/2 daominhha.net/wp-content/uploads/2021/01/icon-game-moi-3.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash c815c411f8ba8c7c2ba3390a0612fb19
2db20d74efdb670cafdc3ad75b422015eea712be
f964fe2bed01c9922cddf1ad439fc3689348bb36fd7d0735930cf7de3dfcb54a
GET /wp-content/uploads/2021/01/icon-game-moi-3.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 20037
last-modified: Sat, 06 Feb 2021 15:43:35 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "601eb927-4e45"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/images/slider-fullscreen.png
103.97.124.72200 OK 260 B URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/images/slider-fullscreen.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c5350c0d06a289a94e339b964a3d7e44
03fe8c2b20e3621050ca0ad1cb49538025242b32
8a810670d5e7d1e0d44e5876f1bdd42c5efb7a59c4832a478ac715fd6172e1a7
GET /wp-content/themes/hncgamingtheme/images/slider-fullscreen.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 260
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Sat, 26 Dec 2020 19:18:52 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2022/07/download-marvels-spider-man-remastered-full-crack-daominhha-380x218.jpg
103.97.124.72200 OK 14 kB URL HTTP/2 daominhha.net/wp-content/uploads/2022/07/download-marvels-spider-man-remastered-full-crack-daominhha-380x218.jpg
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 380x218, components 3\012- data
Hash f4e16e6f3d17a9c774a7d277dbd6000d
4a0ed9c1e8b9f0d3aaa54077518b11ae821a23f3
c2b509235e00ab1934dde1980b9d94202004185c5316ded56e53430ae3a4a449
GET /wp-content/uploads/2022/07/download-marvels-spider-man-remastered-full-crack-daominhha-380x218.jpg HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/jpeg
content-length: 13604
last-modified: Thu, 07 Jul 2022 03:46:19 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "62c6570b-3524"
accept-ranges: bytes
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/images/right.png
103.97.124.72200 OK 213 B URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/images/right.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e90147cba47d1370781f14e0f0c4f1d1
f3c72115509baff871be7906ae55d84db8b08a0b
ddd038432377ce7fcfe3c613e7571177e740da85f7accb47a1c841fc8b246288
GET /wp-content/themes/hncgamingtheme/images/right.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 213
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Sat, 26 Dec 2020 19:18:52 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
X-Firefox-Spdy: h2
daominhha.net/wp-content/themes/hncgamingtheme/images/left.png
103.97.124.72200 OK 227 B URL HTTP/2 daominhha.net/wp-content/themes/hncgamingtheme/images/left.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash cbbfedc55e99b45096e5cfd14f9b97ab
031e9f7f25340efc920adf644c38153cb336681c
93ad22009da66cddfaba4080a7e8a23cf7a1ca0aeb2d9fa0d7326dd7998f245e
GET /wp-content/themes/hncgamingtheme/images/left.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 227
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Sat, 26 Dec 2020 19:18:52 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
X-Firefox-Spdy: h2
daominhha.net/wp-content/uploads/2021/01/icon-game-moi-6.png
103.97.124.72200 OK 19 kB URL HTTP/2 daominhha.net/wp-content/uploads/2021/01/icon-game-moi-6.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e8ee5de06e38a1d5c4d321d681f3604
dc74497d4807a777e98a744f5adbb74359e56fb5
40bd67e532db4a09f9028b150f05aeb0508188cf35d39ba8d29d306110235ad9
GET /wp-content/uploads/2021/01/icon-game-moi-6.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 18733
last-modified: Sat, 06 Feb 2021 15:43:35 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "601eb927-492d"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9282604263746702
216.58.211.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9282604263746702
IP 216.58.211.2:0
File type ASCII text, with very long lines (2910)
Hash 4d6cc3355d615e87d17c2a3c3b12e5dd
190dbe38e03e69e6afb88410d3296e474e865402
cb4dafd42bc934ccad31fc3ea79de6a50474ab008a5b25cce45db5d0a8ef0f0d
GET /pagead/js/adsbygoogle.js?client=ca-pub-9282604263746702 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 19:56:13 GMT
expires: Sat, 24 Sep 2022 19:56:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12407068072783375986
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377172022886765
216.58.211.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377172022886765
IP 216.58.211.2:0
File type ASCII text, with very long lines (2910)
Hash f2e27f08e123ef836c7966b53d13ef03
0cc6b88bf77a21882ad8979e812d8d5d605119dd
11d9a9a8251ad65a7d5bbc4360dfcaed6997b022724f37ef4f4ada75a53f800d
GET /pagead/js/adsbygoogle.js?client=ca-pub-7377172022886765 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 19:56:13 GMT
expires: Sat, 24 Sep 2022 19:56:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16836011077600790872
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9376666196988864
216.58.211.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9376666196988864
IP 216.58.211.2:0
File type ASCII text, with very long lines (2910)
Hash cc965754c762b5d737db320623d58227
19f0efa89642418a0b0db73d4c779ea047bed9e3
7f60b2b7f5426a9cb5c68fc1c2c41951a45e4b5486c2b747a77683f862f3fead
GET /pagead/js/adsbygoogle.js?client=ca-pub-9376666196988864 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 19:56:13 GMT
expires: Sat, 24 Sep 2022 19:56:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2021434826428676264
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7857004727829891
216.58.211.2200 OK 52 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7857004727829891
IP 216.58.211.2:0
File type ASCII text, with very long lines (5047)
Hash 0e6be420daf3fe6f567a5b6317bacc55
f648983284f2f82a6037a486351bd8dbc0e89324
7979302ca320f16ca51e02a3c59296a01da9429ca9c4d8207e2b97e9d6cb719b
GET /pagead/js/adsbygoogle.js?client=ca-pub-7857004727829891 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 19:56:13 GMT
expires: Sat, 24 Sep 2022 19:56:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1372234567536679938
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 52127
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9738390799017847
216.58.211.2200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9738390799017847
IP 216.58.211.2:0
File type ASCII text, with very long lines (2910)
Hash de523d9a6b25680e081561c129d71995
3d2a700fee9ef9e12e985c2cfd2b2685f5b14172
08a521df1f52f84a5b3f47b50857e2f20467fa9d86785a6881ed361ce61c5e11
GET /pagead/js/adsbygoogle.js?client=ca-pub-9738390799017847 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 19:56:13 GMT
expires: Sat, 24 Sep 2022 19:56:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15281224995709361278
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58058
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
daominhha.net/wp-content/uploads/2020/12/favicon-220x220.png
103.97.124.72200 OK 10 kB URL HTTP/2 daominhha.net/wp-content/uploads/2020/12/favicon-220x220.png
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 220 x 220, 8-bit colormap, non-interlaced\012- data
Hash fe45c4bbf8474658be129f067ca9e269
22a1d286516e687ce7876138c8f216112b5b0519
f7361144bb08a1c407bb487ea1da043453bd0ea92863c55f6c5b3601371ed6a8
GET /wp-content/uploads/2020/12/favicon-220x220.png HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:13 GMT
content-type: image/png
content-length: 10226
last-modified: Mon, 27 Sep 2021 03:17:53 GMT
cache-control: max-age=10368000, public
expires: Sun, 22 Jan 2023 19:56:13 GMT
etag: "615137e1-27f2"
accept-ranges: bytes
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220921/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sat, 24 Sep 2022 03:27:15 GMT
expires: Sat, 08 Oct 2022 03:27:15 GMT
cache-control: public, max-age=1209600
age: 59338
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6883098946304141
216.58.211.2200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6883098946304141
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/js/adsbygoogle.js?client=ca-pub-6883098946304141 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 19:56:13 GMT
expires: Sat, 24 Sep 2022 19:56:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16597746699738299781
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 52085
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ece8260ceafbd3b9a0a2d558556000f2
6c603250bcbb9a1ddc8652196d79d2a5aa8ad2b1
7b105d30166ff14be5941101e00b2782676557d430c87200a3bb36956b632820
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=daominhha.net&callback=_gfp_s_&client=ca-pub-9282604263746702
172.217.21.162200 OK 200 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=daominhha.net&callback=_gfp_s_&client=ca-pub-9282604263746702
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash beb60905ada5b4b5ac059d3ed9ff4cc3
4c5c1b80f9d454c4cdf7f548c841a735c70d123f
073b2ba5e4c087b40d5e8d1a6749e4fa04eff60bebd0def29e77919ecee6c5ee
GET /gampad/cookie.js?domain=daominhha.net&callback=_gfp_s_&client=ca-pub-9282604263746702 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 19:56:14 GMT
server: cafe
cache-control: private
content-length: 200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=daominhha.net
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=daominhha.net
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=daominhha.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 19:56:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=daominhha.net
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=daominhha.net
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=daominhha.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 19:56:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ece8260ceafbd3b9a0a2d558556000f2
6c603250bcbb9a1ddc8652196d79d2a5aa8ad2b1
7b105d30166ff14be5941101e00b2782676557d430c87200a3bb36956b632820
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
216.58.211.2200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
IP 216.58.211.2:0
File type JSON data\012- , ASCII text, with very long lines (14526), with no line terminators
Hash 166cc9d5c3f8411611340ee6aa487919
0b3de1b382cff85dd00f6d1ef6d7fbe70c13cd84
e66a3cd1823bfb5894f2a163c29ce56d717b73260a35aee2db953ea8b703a6c2
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daominhha.net
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 19:56:14 GMT
server: cafe
cache-control: private
content-length: 11027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d5f86ddceacf0b5d14b5b74eb60e39e2
a197f1b182fc5aebc30ee5570d7c5e6d7a3f410d
0727801c97c941992fb3a3bf7cc6ca2c44e15326d6e3dc9f0f0b4af54f4908ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 24 Sep 2022 19:56:14 GMT
expires: Sat, 24 Sep 2022 19:56:14 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 11:30:52 GMT
expires: Fri, 22 Sep 2023 11:30:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 203122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js
216.58.211.2200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (35905)
Hash 49d4167d625f546904588890c23a791b
a5de2fb40da15578821e77b702153995f354ce58
6f984a2dbd647a00f3c618b6c73d827b0c5dcb4353c22df189b7cbb61937d40c
GET /bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 01:06:52 GMT
expires: Fri, 22 Sep 2023 01:06:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
content-type: text/javascript
age: 240562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash ccd36e40dbc6052a2f7e81b6525bb880
e97154090cdc94c664faa2963da4e093ab22426d
ab3c8a50ecdb4016a9ee43e5c57eeeca2902a5c1ced1b8e1b570f1597e0ec298
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 24 Sep 2022 19:56:14 GMT
date: Sat, 24 Sep 2022 19:56:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-wZTHYXkrTPQdAjJuPhMp2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=221710018683426&rc=
216.58.211.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=221710018683426&rc=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=221710018683426&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:56:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=221710018683426&bg=!FhWlFVHNAAYIxsuQKMY7ACkAdvg8WuTCj6HbguEh5MTm33zTsEeuGI4Js9Xp66F-m3b1-3qqAhIDlwIAAAB2UgAAAAJoAQeZAoLeLWIYFWJGtdLQU-JIfjO-wXrhflCfUBSLtXa5Z2Js4xeqf4BIQfud9zBUWzuktngm7_2mCH0mrbTsfgUR79rqP8srvWeM88B-SH4cFCPTpuoUXzDLNssfJu9tU0NU1ttLAjYOdGtevVFLhCHic6CLds1LBcccR2Fhp3wcoLHv_CdmUhDD2wQCSDiWwAm_rHVwHY4cxQI8AuJgbLQLuuMmnOqL3hJ2eqg3ekVWvgw35kwIzrFeKtLnbpkpQrTpns2qjBf6AKtlvbLRwISqkzN3MbhJgRPB5u9Toom42uJiWjYNMwduybv8jkrEDjEBr5xDrFLonoeLHec8wZEMu0RfRMJHipnBr3YmusZuP3OZHDIen3Rix_1ab7Ch3O6WIfRfGbbr8j7aRgtIfMRcxwNwqFI32yL3EewOPkNTEZ9gMf4d-IXd59jf-TvmTt1JtYd1SK1G7_e6EUxJjrtk3t1Rj8_1qrn_0XSJ6Cp0g0EcQ6ujdsSsuZm_fOjV9D1scRvwAIikBJahEbrvZeUZeVSWY9ZYug6NAJhrQjhjP2Xl6cVzp7r9f0dEYTHuSj0mI4hJK6KLXgcaeyW6WXrEau6TMAniJWrjQb3KCUxnFMSZadJuE_bJiWTmMtz7sM2yZKYryaUV1xBqTn0L840qpjyQTUrt47htbPpv8OZMt34viDvmjkfSdSAKwF_P3UKAvLcUsUPzALk48Kn0cQJGNdZPp64Y1GUY4qmxVdv-W23cDHkdcV5OaZuGjuCnqTcur7lmgbsno1mGT-gugmPjAzCtE3S03seXv52Z5hpAZy6KpW-q9NMLSm9K1KdUefIYi6lP3GrlXrftiImwJiZ1vR3Othg
216.58.211.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=221710018683426&bg=!FhWlFVHNAAYIxsuQKMY7ACkAdvg8WuTCj6HbguEh5MTm33zTsEeuGI4Js9Xp66F-m3b1-3qqAhIDlwIAAAB2UgAAAAJoAQeZAoLeLWIYFWJGtdLQU-JIfjO-wXrhflCfUBSLtXa5Z2Js4xeqf4BIQfud9zBUWzuktngm7_2mCH0mrbTsfgUR79rqP8srvWeM88B-SH4cFCPTpuoUXzDLNssfJu9tU0NU1ttLAjYOdGtevVFLhCHic6CLds1LBcccR2Fhp3wcoLHv_CdmUhDD2wQCSDiWwAm_rHVwHY4cxQI8AuJgbLQLuuMmnOqL3hJ2eqg3ekVWvgw35kwIzrFeKtLnbpkpQrTpns2qjBf6AKtlvbLRwISqkzN3MbhJgRPB5u9Toom42uJiWjYNMwduybv8jkrEDjEBr5xDrFLonoeLHec8wZEMu0RfRMJHipnBr3YmusZuP3OZHDIen3Rix_1ab7Ch3O6WIfRfGbbr8j7aRgtIfMRcxwNwqFI32yL3EewOPkNTEZ9gMf4d-IXd59jf-TvmTt1JtYd1SK1G7_e6EUxJjrtk3t1Rj8_1qrn_0XSJ6Cp0g0EcQ6ujdsSsuZm_fOjV9D1scRvwAIikBJahEbrvZeUZeVSWY9ZYug6NAJhrQjhjP2Xl6cVzp7r9f0dEYTHuSj0mI4hJK6KLXgcaeyW6WXrEau6TMAniJWrjQb3KCUxnFMSZadJuE_bJiWTmMtz7sM2yZKYryaUV1xBqTn0L840qpjyQTUrt47htbPpv8OZMt34viDvmjkfSdSAKwF_P3UKAvLcUsUPzALk48Kn0cQJGNdZPp64Y1GUY4qmxVdv-W23cDHkdcV5OaZuGjuCnqTcur7lmgbsno1mGT-gugmPjAzCtE3S03seXv52Z5hpAZy6KpW-q9NMLSm9K1KdUefIYi6lP3GrlXrftiImwJiZ1vR3Othg
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=221710018683426&bg=!FhWlFVHNAAYIxsuQKMY7ACkAdvg8WuTCj6HbguEh5MTm33zTsEeuGI4Js9Xp66F-m3b1-3qqAhIDlwIAAAB2UgAAAAJoAQeZAoLeLWIYFWJGtdLQU-JIfjO-wXrhflCfUBSLtXa5Z2Js4xeqf4BIQfud9zBUWzuktngm7_2mCH0mrbTsfgUR79rqP8srvWeM88B-SH4cFCPTpuoUXzDLNssfJu9tU0NU1ttLAjYOdGtevVFLhCHic6CLds1LBcccR2Fhp3wcoLHv_CdmUhDD2wQCSDiWwAm_rHVwHY4cxQI8AuJgbLQLuuMmnOqL3hJ2eqg3ekVWvgw35kwIzrFeKtLnbpkpQrTpns2qjBf6AKtlvbLRwISqkzN3MbhJgRPB5u9Toom42uJiWjYNMwduybv8jkrEDjEBr5xDrFLonoeLHec8wZEMu0RfRMJHipnBr3YmusZuP3OZHDIen3Rix_1ab7Ch3O6WIfRfGbbr8j7aRgtIfMRcxwNwqFI32yL3EewOPkNTEZ9gMf4d-IXd59jf-TvmTt1JtYd1SK1G7_e6EUxJjrtk3t1Rj8_1qrn_0XSJ6Cp0g0EcQ6ujdsSsuZm_fOjV9D1scRvwAIikBJahEbrvZeUZeVSWY9ZYug6NAJhrQjhjP2Xl6cVzp7r9f0dEYTHuSj0mI4hJK6KLXgcaeyW6WXrEau6TMAniJWrjQb3KCUxnFMSZadJuE_bJiWTmMtz7sM2yZKYryaUV1xBqTn0L840qpjyQTUrt47htbPpv8OZMt34viDvmjkfSdSAKwF_P3UKAvLcUsUPzALk48Kn0cQJGNdZPp64Y1GUY4qmxVdv-W23cDHkdcV5OaZuGjuCnqTcur7lmgbsno1mGT-gugmPjAzCtE3S03seXv52Z5hpAZy6KpW-q9NMLSm9K1KdUefIYi6lP3GrlXrftiImwJiZ1vR3Othg HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:56:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dXqPCGTGK8gW86McTltPuNYKXQgUuSqcL_XbyRQitinH5LsUscmU2w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:47:49 GMT
age: 79710
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
daominhha.net/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
103.97.124.72200 OK 0 B URL HTTP/2 daominhha.net/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
IP 103.97.124.72:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js HTTP/1.1
Host: daominhha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daominhha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:56:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Oct 2021 06:50:10 GMT
vary: Accept-Encoding
cache-control: max-age=31536000, public
expires: Sun, 24 Sep 2023 19:56:12 GMT
etag: W/"616fbc22-1ed2"
content-encoding: gzip
X-Firefox-Spdy: h2