Overview

URL bdsnamhoian.com/
IP112.78.1.150
ASNODS Joint Stock Company
Location Vietnam
Report completed2022-09-28 04:10:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 bdsnamhoian.com/ Phishing
2022-09-28 2 bdsnamhoian.com/assets/js/pace.min.js Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/modernizr/modernizr-custom.js Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/select2/js/i18n/vi.js Phishing
2022-09-28 2 bdsnamhoian.com/storage/app/categories/custom/541e2e157b7d3d3674b594fac9200 (...) Phishing
2022-09-28 2 bdsnamhoian.com/storage/app/categories/custom/95527628c89d26a573ea50401431b (...) Phishing
2022-09-28 2 bdsnamhoian.com/storage/app/categories/custom/e2e32c6e04a0f89903d819bca1e31 (...) Phishing
2022-09-28 2 bdsnamhoian.com/storage/app/categories/custom/adcc18ba0c3ce5a408958f5e47c47 (...) Phishing
2022-09-28 2 bdsnamhoian.com/storage/app/categories/custom/a906d168f02a006361ed0a26d5a24 (...) Phishing
2022-09-28 2 bdsnamhoian.com/storage/app/categories/custom/9b631f5a3f727a5dbd071c1a13a19 (...) Phishing
2022-09-28 2 bdsnamhoian.com/storage/files/vn/3/thumb-320x240-4488b178f69919901db0acd86a (...) Phishing
2022-09-28 2 bdsnamhoian.com/assets/fonts/fontello/fontello.woff?4089732 Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/fontawesome/webfonts/fa-solid-900.woff2 Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/fontawesome/webfonts/fa-brands-400.woff2 Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/fontawesome/webfonts/fa-solid-900.woff Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/fontawesome/webfonts/fa-brands-400.woff Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/fontawesome/webfonts/fa-brands-400.ttf Phishing
2022-09-28 2 bdsnamhoian.com/assets/plugins/fontawesome/webfonts/fa-solid-900.ttf Phishing
2022-09-28 2 bdsnamhoian.com/ Phishing
2022-09-28 2 bdsnamhoian.com/css/app.css?id=b3afff2dbda1fa970b12 Phishing
2022-09-28 2 bdsnamhoian.com/js/app.js?id=803e69c3cbb5789208c5 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.gstatic.com (18) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 34.160.144.191
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 52.35.74.102
mnemonic passive DNS ocsp.pki.goog (10) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.25.14
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-09-27 22:17:28 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 23:53:35 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS bdsnamhoian.com (37) 0 2019-03-06 02:56:49 UTC 2022-09-28 00:09:45 UTC 112.78.1.150 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-27 21:28:46 UTC 93.184.220.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 112.78.1.150

Date UQ / IDS / BL URL IP
2022-11-27 07:03:26 +0000
0 - 0 - 1 giahungtrieu.net/ 112.78.1.150
2022-11-27 06:51:26 +0000
0 - 0 - 2 access.giahungtrieu.net/ 112.78.1.150
2022-11-27 06:40:54 +0000
0 - 0 - 1 demo.giahungtrieu.net/ 112.78.1.150
2022-11-27 06:35:14 +0000
0 - 0 - 4 3d.giahungtrieu.net/ 112.78.1.150
2022-11-27 06:15:13 +0000
0 - 0 - 226 bikkviz.com/ 112.78.1.150

Last 5 reports on ASN: ODS Joint Stock Company

Date UQ / IDS / BL URL IP
2022-11-27 07:03:26 +0000
0 - 0 - 1 giahungtrieu.net/ 112.78.1.150
2022-11-27 06:51:26 +0000
0 - 0 - 2 access.giahungtrieu.net/ 112.78.1.150
2022-11-27 06:40:54 +0000
0 - 0 - 1 demo.giahungtrieu.net/ 112.78.1.150
2022-11-27 06:35:14 +0000
0 - 0 - 4 3d.giahungtrieu.net/ 112.78.1.150
2022-11-27 06:15:13 +0000
0 - 0 - 226 bikkviz.com/ 112.78.1.150

Last 2 reports on domain: bdsnamhoian.com

Date UQ / IDS / BL URL IP
2022-09-28 04:10:01 +0000
0 - 0 - 21 bdsnamhoian.com/ 112.78.1.150
2022-09-02 03:09:42 +0000
0 - 0 - 20 bdsnamhoian.com/ 112.78.1.150

No other reports with similar screenshot



JavaScript

Executed Scripts (15)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (92)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 03:15:38 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HsI701wclNWG5Cc3nzEHVIjOTtwzBnr7t0A-KJlQ_acFJprrEtG24A==
Age: 3251


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19106
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 04:09:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4321
Expires: Wed, 28 Sep 2022 05:21:50 GMT
Date: Wed, 28 Sep 2022 04:09:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: rl5kWCf5eIdVOTN4nCoAqC0Ghx2i00OMiXxrNbUfsPe8XjJCwVPYqpupTHjdPY8A+JXisXYyaeU=
x-amz-request-id: 9X5W02B96B4YSQPY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Sep 2022 03:47:14 GMT
age: 1355
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 03:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 04:12:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FewGpGKNB8G-RFOEKdZ5MNojzpGnU3sekVYqCLpYzmUepjf2e6qF_A==
Age: 2417


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         112.78.1.150
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 04:09:50 GMT
Content-Length: 9824
Connection: keep-alive
X-Powered-By: PHP/7.3.5
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: ip_country_code=no; expires=Fri, 02-Jan-1970 00:00:00 GMT; Max-Age=0; path=/; domain=bdsnamhoian.com X-XSRF-TOKEN=fyTToyfMw8Ko9VKdsusJm1clwyVYp2B3S9RfwL1I; path=/; domain=bdsnamhoian.com laravel_session=eyJpdiI6IldtYnhsclwvd3BnV2FnS21mdW0zckZBPT0iLCJ2YWx1ZSI6Ik42ejRUVFJySlpicVNvRVpxRkVOYmJPOStWTk4zQ3VIbzVNSlkyMHBLd3JZOXllZFwvUVBtZ1wvUFFtc1R5YnZxYUhYc0N2eTRRUE84Z1NiNTR2UDRHV0E9PSIsIm1hYyI6ImVmYmJiY2U3MjQ2MTA3Y2RkM2NhODJhMDUxMDc2MDk2MTMxM2UyNjc1MWE0NGEyZWE0MjM5NDRiZTQ1YmYwNjgifQ%3D%3D; expires=Wed, 05-Oct-2022 04:09:50 GMT; Max-Age=604800; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1994)
Size:   9824
Md5:    663f0bceeb5be56ea4886767d8c887cf
Sha1:   c76f512f229a3fc2a6f08b69473c1dd4ba07b8d5
Sha256: e59a08a8715c58dba883bb36794336fe34c9c396bb77c399a750cf9ec9dca18c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6219
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 04:09:50 GMT
Last-Modified: Wed, 28 Sep 2022 02:26:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5137
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 04:09:50 GMT
Last-Modified: Wed, 28 Sep 2022 02:44:13 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 04:09:50 GMT
content-length: 66920
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-42587"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2156534
expires: Mon, 18 Sep 2023 04:09:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrlAkOFTOVy56a%2FDfiTQ8HgrmMfLBAc%2B6CH1NAQU%2BBSInIsT02uRRE%2Fq0BIR3obenwhfyx5EynlSHtAu8fXyYT73cDIaTLtokXKt3rWGdfer8dcsDDOg3Z3XTHaCNNfI5h8eEnOg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7519a03b4a55b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   66920
Md5:    36e48ae8231943f6636f72952f966a7b
Sha1:   65055988863b901f2fd0bca024cfade5a6922625
Sha256: 3f0fd104cbebc81ac4a4f52a9acc4d0eed10297660b5951fceb3df57c66a134d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 812
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 04:09:50 GMT
Last-Modified: Wed, 28 Sep 2022 03:56:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YAapKFZm7aAb2LRQhZLXUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.74.102
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f4PqIH7kwd4dWldW3AkGsZxA5Z0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F23CF1FB90A83BF56A4A2970434ED22E04C77377F6DEDF37D30D4D1F5F60DDF"
Last-Modified: Wed, 28 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 10:09:51 GMT
Date: Wed, 28 Sep 2022 04:09:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F23CF1FB90A83BF56A4A2970434ED22E04C77377F6DEDF37D30D4D1F5F60DDF"
Last-Modified: Wed, 28 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Wed, 28 Sep 2022 10:09:16 GMT
Date: Wed, 28 Sep 2022 04:09:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F23CF1FB90A83BF56A4A2970434ED22E04C77377F6DEDF37D30D4D1F5F60DDF"
Last-Modified: Wed, 28 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Wed, 28 Sep 2022 10:09:13 GMT
Date: Wed, 28 Sep 2022 04:09:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F23CF1FB90A83BF56A4A2970434ED22E04C77377F6DEDF37D30D4D1F5F60DDF"
Last-Modified: Wed, 28 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 10:09:51 GMT
Date: Wed, 28 Sep 2022 04:09:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F23CF1FB90A83BF56A4A2970434ED22E04C77377F6DEDF37D30D4D1F5F60DDF"
Last-Modified: Wed, 28 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 10:09:51 GMT
Date: Wed, 28 Sep 2022 04:09:51 GMT
Connection: keep-alive

                                        
                                            GET /css/custom.css HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 1734
last-modified: Wed, 13 Jul 2022 02:19:02 GMT
etag: "165f-5e3a668919180-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1734
Md5:    38b458cf14434df534a593b9802d73e1
Sha1:   5f337adb59a5290477d6865aa10c63ef12ec786f
Sha256: b789bf696206679248e77f73cd8dfd28e7943047df10c813ec218e89bec29ee3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17408
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 04:09:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9715fa-0606-41f2-b3fa-1c7048f24b48.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9710
x-amzn-requestid: 34553ef5-773c-4c06-835f-0382202b706d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCWDE74IAMF0xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63311759-3a8cc99a4d529adc23d1dfc1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:07:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6WtNGTt-HH__-2fhF-DwduAIhqNW2D0nB24FIIwmSuNVLsQuLDQy1g==
via: 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 05:04:56 GMT
age: 83096
etag: "5dcf4fbd065e0850c2602a5e8791ba7af1999d9f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9710
Md5:    c761355e3b9bdf64113c92591306b959
Sha1:   5dcf4fbd065e0850c2602a5e8791ba7af1999d9f
Sha256: 03464d30ae3a3199bb3b19e1c730385fc8f68444d41eb0099542bd83108e6ed5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
age: 22788
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13299
Md5:    ad84ed0c5b2090df7996007514cf1984
Sha1:   651600f2ef18cecc2e38370069bbb5e1d86f68e0
Sha256: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 22874
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ISJfVYtY7kLIm87GZEvqMmEr3D4vYcZDi-WJAu4GyaxLQKRUDbVjg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 23029
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7020
Md5:    ccfb4931d41ca01aa55b4b8e9ef6b4e1
Sha1:   2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
Sha256: 89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 23032
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 20897
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5944
Md5:    1fa8cb4f4be5057788cd1a2a4d0e76d6
Sha1:   1aec1d67a36867bee8069a144fb1b0d95ff2cb54
Sha256: 5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105
                                        
                                            GET /assets/js/pace.min.js HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 4133
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "2f19-588aff47c6280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12038)
Size:   4133
Md5:    28512381a9d063b5190a2d61b1bdd17a
Sha1:   7509ba6741bea34df41f8dd15d4d12066a75743c
Sha256: 035fdf764959a11002aa4c05609e91b40d9702be2c74bc29d2891bcd2283e298

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/modernizr/modernizr-custom.js HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 3881
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "2308-588aff47c6280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8796)
Size:   3881
Md5:    6f6d1ec0809b8072040432f279eca45c
Sha1:   0f9519f7dd40def5249a2d8909e4b1dd2502d27d
Sha256: 022c5865b9e0ae103cb2c86fc16e29f0a9d51ad50521a7a0de8ae1a0eaac51b7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/select2/js/i18n/vi.js HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 476
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "321-588aff47c6280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (665)
Size:   476
Md5:    f4c7c6f19b5caa7efbbfed64c2bfa304
Sha1:   573ced931886cadcafeec62462eeebf7af0a0f9e
Sha256: b5ad010721d1e86722fb8c6acad4eb80d65e87bac519aa2a89108ad6ff1b15d0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto+Condensed:400,300,700,400italic,700italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 04:09:52 GMT
date: Wed, 28 Sep 2022 04:09:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1300
Md5:    1f91e1ebdc235494cf02c0f07b481e0d
Sha1:   eed2d02efa06f8ba921cb030ebd9e479fb26454d
Sha256: 976d7537fa090fa299d3914bd63cb32e6ee2c7a007b58870102d3ef44492d7b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 549344
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 208540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:35:48 GMT
expires: Thu, 21 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 549244
last-modified: Wed, 11 May 2022 19:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Size:   11800
Md5:    e36fccd06262bef92e7a9841e2202225
Sha1:   b907dd02819497b3942220e0aa160c167195506b
Sha256: 7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:35:48 GMT
expires: Thu, 21 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 549244
last-modified: Wed, 11 May 2022 19:25:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size:   11872
Md5:    87ace20058325aa069320aa4af875dff
Sha1:   b743548770c46d905ae1ba06310bc001c587fe8e
Sha256: 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuvMR6WR.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 02:01:17 GMT
expires: Thu, 28 Sep 2023 02:01:17 GMT
cache-control: public, max-age=31536000
age: 7715
last-modified: Tue, 19 Apr 2022 18:07:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11512, version 1.0\012- data
Size:   11512
Md5:    e460f5ce80316b520bec6807317be2d0
Sha1:   6e88ca766af25131675de023f504d0be9f962fe0
Sha256: 542d343d39243359b90273983d90e0d211a2e1f2a09518d6f1746c3a3d2ba3fe
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 22:17:40 GMT
expires: Wed, 27 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 21132
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 22:19:37 GMT
expires: Wed, 27 Sep 2023 22:19:37 GMT
cache-control: public, max-age=31536000
age: 21015
last-modified: Tue, 19 Apr 2022 19:07:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Size:   11760
Md5:    f54251ea804647e0203e453359a69fb1
Sha1:   c02db1a2028be922135239168d270579220844a0
Sha256: b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 549344
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:50:35 GMT
expires: Thu, 21 Sep 2023 19:50:35 GMT
cache-control: public, max-age=31536000
age: 548357
last-modified: Wed, 11 May 2022 19:24:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Size:   11824
Md5:    deb26e9b1a25438118e5d39d741ae6b6
Sha1:   a2801defb4c8bed8e4083dfde0b2a5a9c0537020
Sha256: fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12388
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 01:24:01 GMT
expires: Thu, 28 Sep 2023 01:24:01 GMT
cache-control: public, max-age=31536000
age: 9951
last-modified: Tue, 19 Apr 2022 18:00:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12388, version 1.0\012- data
Size:   12388
Md5:    81fa753f79d8bb8e3ba128bd7d1d0806
Sha1:   a7b3a08bed83fdc9fa65a2cd1281c30d3f060f36
Sha256: c000066f2b27add17d55cfec67196d43c6a529f550da7877663e34632c927bcf
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 22:47:41 GMT
expires: Wed, 27 Sep 2023 22:47:41 GMT
cache-control: public, max-age=31536000
age: 19331
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Size:   14964
Md5:    44b4e1e6aecc684d11fe7501dd36df19
Sha1:   59e2710168a0d6889a24eaaa5134114f7e258461
Sha256: 6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 22:19:54 GMT
expires: Wed, 27 Sep 2023 22:19:54 GMT
cache-control: public, max-age=31536000
age: 20998
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16324, version 1.0\012- data
Size:   16324
Md5:    f43fa5b4f6366eae0039e4e49db645de
Sha1:   d7fec074ba8b6e69bec4a995ea722d3d1513ad43
Sha256: 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:01:06 GMT
expires: Thu, 21 Sep 2023 20:01:06 GMT
cache-control: public, max-age=31536000
age: 547726
last-modified: Wed, 11 May 2022 19:24:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5604, version 1.0\012- data
Size:   5604
Md5:    7cda2cfee99d697daf8c14819d9004eb
Sha1:   76f4002863493c93454a9f17424942f321287cba
Sha256: 0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
                                        
                                            GET /storage/app/categories/custom/541e2e157b7d3d3674b594fac9200008.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 49543
last-modified: Mon, 11 Jul 2022 01:43:18 GMT
etag: "c187-5e37dad17f980"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 400x300, components 3\012- data
Size:   49543
Md5:    0340334f884ad1434ed2d2ed672e17c6
Sha1:   7f2d4b251bb3b18c694a3a031a53a8d9c038a2c1
Sha256: b21ce2f3c942795534a129a32c07a7675b1ca4c9084dcfd9e23fa8d6145ae69c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/app/categories/custom/95527628c89d26a573ea50401431b8fb.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 28884
last-modified: Mon, 11 Jul 2022 01:42:57 GMT
etag: "70d4-5e37dabd78a40"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 400x225, components 3\012- data
Size:   28884
Md5:    ed229475b3d2b68ead1abc9ea329da54
Sha1:   49cd98f768f173c406b07e13ba4996bd9d2ca7cf
Sha256: 5875328723ec2f12d90b0fc1a7ecd455e68c44f6954395324c38312684511557

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/app/categories/custom/e2e32c6e04a0f89903d819bca1e31b0e.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 36738
last-modified: Mon, 11 Jul 2022 01:43:33 GMT
etag: "8f82-5e37dadfcdb40"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 400x225, components 3\012- data
Size:   36738
Md5:    ff4d9247fb681a09b2335ee5676d5a77
Sha1:   9a5865b6efc6fe40461a0cb9d658df14390c5232
Sha256: b64cdd82885b3bc462b846e790692950963e01f62d7706646a0f0918fa6d5b04

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/app/categories/custom/adcc18ba0c3ce5a408958f5e47c47e8a.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 36033
last-modified: Mon, 11 Jul 2022 01:43:52 GMT
etag: "8cc1-5e37daf1ec600"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 400x234, components 3\012- data
Size:   36033
Md5:    5b74d961e4534cd31c954558fa94a1de
Sha1:   e71ed0738eb8d5b8e04d54de5862190cb1a86c89
Sha256: ca2939c3f21db2c5038e4e21b805521e5421e29d750ba051edddb830914700db

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 04:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 21:33:01 GMT
expires: Thu, 21 Sep 2023 21:33:01 GMT
cache-control: public, max-age=31536000
age: 542211
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data
Size:   5548
Md5:    cdaab83619fcacd4027a77c99dd51e69
Sha1:   9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
Sha256: 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDurMR6WR.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 02:46:54 GMT
expires: Fri, 22 Sep 2023 02:46:54 GMT
cache-control: public, max-age=31536000
age: 523378
last-modified: Tue, 19 Apr 2022 18:20:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 6724, version 1.0\012- data
Size:   6724
Md5:    56eeb54771c5d85ff4d9682f114925ad
Sha1:   a2b8a3bf824b590a2e2e4f535807de938e26f6c4
Sha256: 3b5bacd677f193b76ddc1dfbb17ac72ddf29712adbba16270a2b8c5316daee2b
                                        
                                            GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDurMR6WR.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 05:33:52 GMT
expires: Fri, 22 Sep 2023 05:33:52 GMT
cache-control: public, max-age=31536000
age: 513360
last-modified: Tue, 19 Apr 2022 18:07:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 6156, version 1.0\012- data
Size:   6156
Md5:    fcfadfd2ff026dd67dd4868e5d0b09fd
Sha1:   3e7961773509b451a7c30fc9089f18414952e4f7
Sha256: f77e0253633f52b87bfb2a7568c445659e2e6ee22126cf179c72c038bc4771c1
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:36:26 GMT
expires: Thu, 21 Sep 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 549206
last-modified: Wed, 11 May 2022 19:24:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Size:   5560
Md5:    ca3b09b62fda648a4511700413313fd0
Sha1:   109cd4c5435bd6614391bb8722c47c287c96b2ec
Sha256: 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 06:09:49 GMT
expires: Thu, 21 Sep 2023 06:09:49 GMT
cache-control: public, max-age=31536000
age: 597603
last-modified: Tue, 19 Apr 2022 19:11:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5564, version 1.0\012- data
Size:   5564
Md5:    d4d88a25c6405b91c0d8cb3fa6c9ca7b
Sha1:   06a7623d5b742d64372240e2c63c1c1330e63b90
Sha256: bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
                                        
                                            GET /storage/app/categories/custom/a906d168f02a006361ed0a26d5a2421f.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 35854
last-modified: Mon, 11 Jul 2022 01:44:28 GMT
etag: "8c0e-5e37db1441700"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 400x267, components 3\012- data
Size:   35854
Md5:    1a095c010d50d05549d6d88791efb85d
Sha1:   ac708038363d7042c8248b1bb9ceec61f5aed288
Sha256: 9d87cd4076c27f1acd247cf1942b8a81118422637a3c045d939434d252b0d4e9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/app/categories/custom/9b631f5a3f727a5dbd071c1a13a195c4.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 16435
last-modified: Mon, 11 Jul 2022 01:44:55 GMT
etag: "4033-5e37db2e013c0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 400x225, components 3\012- data
Size:   16435
Md5:    4b42f766e662c928a4543df51f03065d
Sha1:   54abef57ee00b5ccb3fbfb8b4c5016fa71670c94
Sha256: 0236d5b440c493a6db5b17ac28d6d56621dfa908b158689fc6708c4eaa5d31b2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/files/vn/9/thumb-320x240-193fd40aea61868d5993698960f4cdb3.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 17131
last-modified: Wed, 21 Sep 2022 09:00:52 GMT
etag: "42eb-5e92c2e8fab1d"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   17131
Md5:    6168114ff09d0b5f1e3519fa93ede6ab
Sha1:   4b304b393f42279a74fe6f4f8b014b3fe8935434
Sha256: 1cbdb875ed7554f31a98853ed2f8da8885206b64d92e628b8e54a54696f4fd4c
                                        
                                            GET /storage/files/vn/10/thumb-320x240-770119022932a2f01f9a751b2a1e85f5.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 19712
last-modified: Wed, 21 Sep 2022 10:25:39 GMT
etag: "4d00-5e92d5dbf7544"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   19712
Md5:    74f55e145b0da79878fa61f233e3330c
Sha1:   b4b5537c0bed7c472e043aaf52725a73229613e5
Sha256: 0a887c0902bd554d309ee94a6080ba8f07207a3e26d94d6ccdf3060aeef41162
                                        
                                            GET /storage/files/vn/11/thumb-320x240-25a94a8476e41240f624fbe1dec806ab.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 21525
last-modified: Wed, 21 Sep 2022 10:34:17 GMT
etag: "5415-5e92d7c9f72de"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   21525
Md5:    b25c2c042ec3963a170931761db319a7
Sha1:   feb1b74de361a7ec18de8ac0b51c2e91b8581b92
Sha256: da141ad316f8acaeb7c04890ede6eee577bbecdad1333ec703b1b1cddeda3a1e
                                        
                                            GET /storage/files/vn/8/thumb-320x240-44468a374626fc7f937775469b0c494d.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 20615
last-modified: Wed, 21 Sep 2022 08:38:23 GMT
etag: "5087-5e92bde1fdb3b"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   20615
Md5:    16a58fe1570645bbcd27040570ae61ba
Sha1:   e6faea389ac6f3f38092e54bc34e94157bbe53b9
Sha256: 6c24a74d5954b5e76e51d5fb65af5a1661d31d19f63fb16ffbef495122b54e6f
                                        
                                            GET /images/ti_fixed_3_t.png HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 1853
last-modified: Thu, 07 Jul 2022 09:24:42 GMT
etag: "73d-5e333a7d2ca80"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced\012- data
Size:   1853
Md5:    52f92fb490c085d025f905efcc1b2971
Sha1:   e3bc328f86850de0f1112346b74105ab023794e4
Sha256: 81255c51054fa995078a6d9cfbe7887111eafd8116cc7dc99ac4df48687332d2
                                        
                                            GET /storage/files/vn/3/thumb-320x240-4488b178f69919901db0acd86aa08c42.jpeg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 26000
last-modified: Wed, 21 Sep 2022 03:40:23 GMT
etag: "6590-5e927b4717cd7"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   26000
Md5:    6dacfda457166a270813fd4efe89acb0
Sha1:   e8b6b9e7a01ab77b73f06538ff27cc742c1ba520
Sha256: b178fa25b6935fced764fd49dc394f4e11852647a1514f84eacdb9ee11dbd92a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/files/vn/2/thumb-320x240-360bc3b4ad4b1377f508f50057c69603.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 14553
last-modified: Wed, 13 Jul 2022 08:06:10 GMT
etag: "38d9-5e3ab4203a080"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Size:   14553
Md5:    941df183ddec0bc956f9827ca056d0cd
Sha1:   015da0ca8ee883df5b2d62a2b1c0a2f62dfb21f9
Sha256: ce0556e42095fd26ebf6a7184979bcf2af7ccbf7f2dadcbd856653f849d0eced
                                        
                                            GET /images/blank.gif HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 43
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "2b-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /images/ti_fixed_3.png HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 1350
last-modified: Thu, 07 Jul 2022 09:26:20 GMT
etag: "546-5e333adaa2700"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1350
Md5:    b41936c17aabd8d92cc7a3bec39f8014
Sha1:   290899ea38dc4c8888f6baaa64345a109732168b
Sha256: 0b454a7059f90e478a5a870f00ad6172bb0011e32417f4e831117b6f84b3fe27
                                        
                                            GET /images/banner.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 159591
last-modified: Wed, 13 Jul 2022 02:16:55 GMT
etag: "26f67-5e3a660ffb3c0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1162x313, components 3\012- data
Size:   159591
Md5:    346e796e8944bbac8488412b4888c071
Sha1:   ccb76aaefe39c8417d6ae1c826d62a6c5fe5b1c8
Sha256: d5c9ca35d3700a0f80d357bea49334b987c2608e08ee2e7013fa9313a5dc8b40
                                        
                                            GET /images/s2.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 185350
last-modified: Wed, 13 Jul 2022 07:27:06 GMT
etag: "2d406-5e3aab64d0680"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPCM), density 56x56, segment length 16, baseline, precision 8, 1161x444, components 3\012- data
Size:   185350
Md5:    532a8517495ddcd9e95349293b67b122
Sha1:   11f88b132054af79a7350da186651d7203f7d24f
Sha256: 5160e6aa45cb09bcb018efdf435e2721a30455837540764a7686a8551d8b7df0
                                        
                                            GET /images/s3.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 248321
last-modified: Wed, 13 Jul 2022 07:27:11 GMT
etag: "3ca01-5e3aab69951c0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPCM), density 56x56, segment length 16, baseline, precision 8, 1162x445, components 3\012- data
Size:   248321
Md5:    11c19a7848acd34a7514c428ecfdd001
Sha1:   2e36f4e54c07d5aecae9ff0d2f78057932123d44
Sha256: 643bb978b8971b4fafb8f8187574c3df7660596793add552b792d60ec0b72d65
                                        
                                            GET /assets/fonts/fontello/fontello.woff?4089732 HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:52 GMT
content-length: 59484
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "e85c-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 59484, version 1.0\012- data
Size:   59484
Md5:    cd66f803f770850d71e1976309b14a83
Sha1:   cf0366ba09058df2614c8c0531b1a7ce0a9f71aa
Sha256: 53aa8b90b07993a22709e908a884ff9f53976bfd1f32de290d136dadd45c49e8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:52 GMT
content-length: 62472
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "f408-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data
Size:   62472
Md5:    b75b4bfe0d58faeced5006c785eaae23
Sha1:   92da6e3c7121e21cdfde25ef08797a3937a683e1
Sha256: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:52 GMT
content-length: 64144
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "fa90-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 64144, version 1.0\012- data
Size:   64144
Md5:    6814d0e8136d34e313623eb7129d538e
Sha1:   d902f8db3e021155f177f698a252fb98d6e61768
Sha256: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/fontawesome/webfonts/fa-solid-900.woff HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 80484
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "13a64-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 80484, version 1.0\012- data
Size:   80484
Md5:    2d0415fa29ea596b7a02c78eddeede20
Sha1:   80d33a73cbb60e206ef6f5c898988641576c7dda
Sha256: 48745629a252fb4e8d2750527c0d49341c2c17d5fe5bc6a37ec82b062ae84c9c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/fontawesome/webfonts/fa-brands-400.woff HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/x-font-woff
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 74928
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "124b0-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 74928, version 1.0\012- data
Size:   74928
Md5:    da408238128b876cbda6424391f1566f
Sha1:   f9d835a0f9248b1bb33d66968e87c4a50103ed8d
Sha256: 52d02d730e65f74a08e79ca39fadb061c14e59de2ffa830bcf05c030fcf700e9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/fonts/fontello/fontello.ttf?4089732 HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 89564
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "15ddc-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 14 tables, 1st "OS/2", 18 names, Macintosh, Copyright (C) 2014 by original authors @ fontello.comfontelloRegularfontellofontelloVersion 1.0f\012- DOS 2.0-3.2 backed up sequence 1 of file \016\012- data
Size:   89564
Md5:    ce267183b9a83086f6e4f7ebc304b08a
Sha1:   2f18324278b541a3fd09ee2aea2cc828082322e0
Sha256: e6506e4c2043ddb6676b718a9992131f3cc708da7d6fdbecd60131171a4d1acb
                                        
                                            GET /assets/plugins/fontawesome/webfonts/fa-brands-400.ttf HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 116280
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "1c638-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, Font AwesomeFont Awesome 5 BrandsRegularFont Awesome 5 Brands RegularFont Awesome 5 Brands Regul\012- data
Size:   116280
Md5:    fdf44bc43e8fa2358bbb7d9165d78455
Sha1:   19e302760e39e25a5f8d90d6cd0164ef6cd74f8c
Sha256: 365163b706c8cef5fc6c69a0a0ddfc40b5c726d5a955fc2a2cec50deacd77928

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/plugins/fontawesome/webfonts/fa-solid-900.ttf HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bdsnamhoian.com
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 168176
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "290f0-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, Font AwesomeFont Awesome 5 FreeSolidFont Awesome 5 Free SolidFont Awesome 5 Free SolidVersion 5.\012- data
Size:   168176
Md5:    132e9759d93e4eefd7cdde0d7a322991
Sha1:   c445864a9646948e0d7ff44930ad732ee61427d8
Sha256: 52f6d77a005727f4b92051119e76e9956b7ee71bf2c22385819afb1a86d28aa4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Cookie: X-XSRF-TOKEN=fyTToyfMw8Ko9VKdsusJm1clwyVYp2B3S9RfwL1I; laravel_session=eyJpdiI6IldtYnhsclwvd3BnV2FnS21mdW0zckZBPT0iLCJ2YWx1ZSI6Ik42ejRUVFJySlpicVNvRVpxRkVOYmJPOStWTk4zQ3VIbzVNSlkyMHBLd3JZOXllZFwvUVBtZ1wvUFFtc1R5YnZxYUhYc0N2eTRRUE84Z1NiNTR2UDRHV0E9PSIsIm1hYyI6ImVmYmJiY2U3MjQ2MTA3Y2RkM2NhODJhMDUxMDc2MDk2MTMxM2UyNjc1MWE0NGEyZWE0MjM5NDRiZTQ1YmYwNjgifQ%3D%3D; listing_display_mode=.grid-view

                                         
                                         112.78.1.150
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 04:09:53 GMT
Content-Length: 9824
Connection: keep-alive
X-Powered-By: PHP/7.3.5
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: ip_country_code=no; expires=Fri, 02-Jan-1970 00:00:00 GMT; Max-Age=0; path=/; domain=bdsnamhoian.com X-XSRF-TOKEN=fyTToyfMw8Ko9VKdsusJm1clwyVYp2B3S9RfwL1I; path=/; domain=bdsnamhoian.com laravel_session=eyJpdiI6IkkxS1wvekQ2cHc2MGVzWXBkZXFQWW9nPT0iLCJ2YWx1ZSI6InMxcytKUldERDlDSFlcL1VLNEI5U2hQT3F0SlI0V0tDblJ6dElodzBuWFVvMnAzRTVzOTRqUHQ3WUNUVThZRXhwSU1pTnNyNEI2d2JTc3FEeFlDTVozZz09IiwibWFjIjoiYzY0YmJmNTFiY2IyYmQ5MzI2YTU1MzM0ZGFlYzY3NjQyNzg5YTBlMTllOGI5M2FkYmI3Y2VlMmYzZDkzMGY0ZCJ9; expires=Wed, 05-Oct-2022 04:09:53 GMT; Max-Age=604800; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1994)
Size:   9824
Md5:    663f0bceeb5be56ea4886767d8c887cf
Sha1:   c76f512f229a3fc2a6f08b69473c1dd4ba07b8d5
Sha256: e59a08a8715c58dba883bb36794336fe34c9c396bb77c399a750cf9ec9dca18c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /storage/app/default/ico/favicon.png HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 16807
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "41a7-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   16807
Md5:    3c342d1bdd8767f7ce429b67437cdfc3
Sha1:   e5060c4dc4b1beb0beb0d0297c1c56797627b4d7
Sha256: 13d8d567f424d9cdb4074ff12387900919e011f4a0351ed0d1477b2b508c8602
                                        
                                            GET /storage/app/default/ico/apple-touch-icon-144-precomposed.png HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:53 GMT
content-length: 29449
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "7309-588aff47c6280"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size:   29449
Md5:    43287bfd3f6998fbe3490eea604be915
Sha1:   36d1a0c4893092c57c7e3785702ca235292169ea
Sha256: 5c7fd9b41f6ffcdbb889eb24d00b51a69d1271b0c7a00a5fe9277dd455bf48d7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0596-5b8b-4a41-a6fb-93e46d7eebaf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10593
x-amzn-requestid: 165366e6-f7b6-4087-9370-1b4e413da9fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VRFKzoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c21-6bf91447296a7b09770dc2fd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:21 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nih2VrFo_PgmAUnv6VpsLiSAhaHqQKNIt4jY_NGKOToa7MRMMH7Ubw==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "d311aa07fe9e05f84f6bcc4320c7bea6b95dd202"
age: 22861
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10593
Md5:    d569b3ae8d704ad9100ba4f11a632cb8
Sha1:   d311aa07fe9e05f84f6bcc4320c7bea6b95dd202
Sha256: 3425f374243fabdd434e2b555ec1561dd91c2bedbc187cf5c49ce38b4b7642da
                                        
                                            GET /css?family=Roboto:400,100,300,500,700,900|Roboto+Condensed:400,300,700,700italic|Montserrat:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 04:09:52 GMT
date: Wed, 28 Sep 2022 04:09:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/app.css?id=b3afff2dbda1fa970b12 HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
last-modified: Thu, 14 Jul 2022 03:17:44 GMT
etag: "86c95-5e3bb58566600-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Open+Sans+Condensed:300,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdsnamhoian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 04:09:52 GMT
date: Wed, 28 Sep 2022 04:09:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/app.js?id=803e69c3cbb5789208c5 HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
last-modified: Sun, 12 May 2019 12:29:46 GMT
etag: "d04ec-588aff47c6280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/s1.jpg HTTP/1.1 
Host: bdsnamhoian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bdsnamhoian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         112.78.1.150
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 28 Sep 2022 04:09:51 GMT
content-length: 264856
last-modified: Wed, 13 Jul 2022 07:27:00 GMT
etag: "40a98-5e3aab5f17900"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---