Overview

URL tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
IP 103.171.113.239 (Vietnam)
ASN #140822 ANPHATIDC
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-09-17 13:39:49 UTC
IDS alerts 0
Blocklist alert 9
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
scontent-arn2-2.xx.fbcdn.net (1) 87860 2018-12-13 19:32:03 UTC 2022-09-17 07:58:00 UTC 157.240.194.27
firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-17 08:11:16 UTC 143.204.55.35
r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-17 04:50:33 UTC 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-17 04:54:02 UTC 34.117.237.239
tinhbotnghenhungvan.com (22) 0 2021-10-20 03:31:08 UTC 2022-09-17 10:59:05 UTC 103.171.113.239 Unknown ranking
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-17 08:47:22 UTC 93.184.220.29
static.xx.fbcdn.net (22) 661 2012-12-01 13:12:13 UTC 2022-09-17 04:52:11 UTC 31.13.72.12
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-17 06:12:04 UTC 143.204.55.25
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-17 05:57:39 UTC 54.148.228.200
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-17 04:50:28 UTC 142.250.74.3
fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-17 08:08:43 UTC 142.250.74.10
ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-17 08:29:55 UTC 142.250.74.74
www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-17 04:15:47 UTC 31.13.72.36

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-17 2 tinhbotnghenhungvan.com/wp-content/plugins/contact-form-7/includes/css/styl (...) Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-content/themes/tinh-bot-he/style.css?ver=3.0 Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1 Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/js/flatsome.js?ve (...) Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-includes/js/wp-embed.min.js?ver=5.8.5 Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-content/themes/flatsome/inc/extensions/flatsome- (...) Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/icons/fl-icon (...) Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-includes/css/dist/block-library/style.min.css?ve (...) Phishing
2022-09-17 2 tinhbotnghenhungvan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

URL static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
IP  31.13.72.12
Magic gzip compressed data, max compression\012- data
Size 2104
MD5 2e81e9467eed1885ee8330b4774bc274
SHA1 e7fc6a4b2c20de48cbcbc5788ac019f77f9cf456
SHA256 446fe17053663555bb6e7fe3ef126484f4d64bb109b0226e28e7042bb95c26df
Analyzer Analysed Verdict Comment
VirusTotal 0/0  VirusTotal Report

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 103.171.113.239
Date UQ / IDS / BL URL IP
2023-03-21 03:47:24 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239
2022-09-17 13:39:49 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239
2022-09-17 03:42:28 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239


Last 5 reports on ASN: ANPHATIDC
Date UQ / IDS / BL URL IP
2023-03-21 03:47:24 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239
2023-03-09 22:04:27 +0000 0 - 1 - 0 yulgangfree.com/autoupdate/Update/Client/YGFR (...) 103.175.143.226
2023-03-09 21:48:31 +0000 0 - 2 - 0 yulgangfree.com/autoupdate/Update/Client/ybfo (...) 103.175.143.226
2023-03-09 21:47:17 +0000 0 - 2 - 0 yulgangfree.com/autoupdate/Update/Client/ijl12.dll 103.175.143.226
2023-02-08 16:32:11 +0000 0 - 2 - 1 103.175.144.220/update/files/Client/Anti.dll 103.175.144.220


Last 3 reports on domain: tinhbotnghenhungvan.com
Date UQ / IDS / BL URL IP
2023-03-21 03:47:24 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239
2022-09-17 13:39:49 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239
2022-09-17 03:42:28 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239


Last 2 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-09-17 03:42:28 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239
2023-03-21 03:47:24 +0000 0 - 0 - 9 tinhbotnghenhungvan.com/oko/20605e21a427406/l (...) 103.171.113.239

JavaScript

Executed Scripts (45)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (64)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 13:11:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ka-VIWPrrtUzckarTO-0y75HIFJl_u97pEK15XDWaTSMNMQHVu4Rlw==
Age: 1694


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3951
Expires: Sat, 17 Sep 2022 14:45:29 GMT
Date: Sat, 17 Sep 2022 13:39:38 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3YwUgOiMWW0PT13vfOHdAtNly7hGw6IjyopNdM99IkwxxQfHRg2KLg==
age: 36536
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:38 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /oko/20605e21a427406/login.php?signin HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         103.171.113.239
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sat, 17 Sep 2022 13:39:38 GMT
Content-Length: 162
Connection: keep-alive
Location: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 13:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 13:41:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q7sqRndmbwcRrzvo6JFqYKzyVK-0_ioLRxMv9FvllzAc8bP5ixUKug==
Age: 2177


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5549
Cache-Control: 'max-age=158059'
Date: Sat, 17 Sep 2022 13:39:39 GMT
Last-Modified: Sat, 17 Sep 2022 12:07:10 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CE870BDBE26DE443C942FAD478B5B3F17BAAF6576A02783C7CE32A926DC951D9"
Last-Modified: Thu, 15 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Sat, 17 Sep 2022 19:39:16 GMT
Date: Sat, 17 Sep 2022 13:39:39 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lDN/N8qx5PamFnY4TGvNpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.148.228.200
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: opQhayfP4FFW0Uwd3t67rWUqUHg=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 17 Sep 2022 13:39:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 17 Sep 2022 13:39:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 17 Sep 2022 13:39:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2021/10/hotline-1.png HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
content-length: 5938
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-1732"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 216 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size:   5938
Md5:    5570c68b0c4759409a55a6c75252a5a3
Sha1:   1e07ddf128588bbb2a17a5ffad65ce3663009574
Sha256: 7ad609a64152d096681a5a726c69248c6ae38912bc10e7062fc618b41b06482f
                                        
                                            GET /wp-content/uploads/2021/09/logoo-tinhbotnghe.jpg HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
content-length: 17389
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-43ed"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 250x280, components 3\012- data
Size:   17389
Md5:    b7eb9182fc39778aefc37e5d8c1b7c36
Sha1:   411e5771da3a0caecce57a5511909cfb9a0aacc7
Sha256: e659e2bd2d6c791b4023e67365ea125c2a327de9ddb96e8f6dcd8f9393d3eee5
                                        
                                            GET /css?family=Lobster HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 13:39:40 GMT
date: Sat, 17 Sep 2022 13:39:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 20 Oct 2021 03:13:46 GMT
etag: W/"616f896a-695"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1064
Md5:    47e6ce8aa05d2c14d9f7c285d579f524
Sha1:   869f2dd7a575f2f094d913fe233785454879e1c9
Sha256: ae1cc50e70cc1cb29e0de89ab2d6f6fc65b58fc7b58116b0f3af9eda0f34135e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/tinh-bot-he/style.css?ver=3.0 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
x-accel-version: 0.01
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: W/"130-5cec02a94f0c0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   683
Md5:    26eb969224e1a9328eb4353554746907
Sha1:   86ca93d4100eb86125194beafbd550193cc4d12e
Sha256: 6ed3d7ebd221d23eddbbc8bcdba5dd5e4ce9d462072e1bd1f18cc954b2b2a0ee

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.7.2 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: W/"616f896b-2136c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   26256
Md5:    038b0db3de1c2702b0d556832c5664a2
Sha1:   0a3ea58ffc60c8b986d4628c1ce95e9d31e5ab78
Sha256: f9d23f25cf5b2def34ef5aa12a9dd73c83672ce3b4f01fc75c6407fb0c2a1db9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15453
Expires: Sat, 17 Sep 2022 17:57:13 GMT
Date: Sat, 17 Sep 2022 13:39:40 GMT
Connection: keep-alive

                                        
                                            GET /wp-includes/js/hoverIntent.min.js?ver=1.10.1 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 10 Mar 2021 15:25:20 GMT
etag: W/"6048e4e0-5c8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1445)
Size:   9156
Md5:    8a7056871f860089c0a1f0283bc474aa
Sha1:   44ae1dfb483598bb7929369e3bb3cb766bd601ec
Sha256: 8d6f2d806e8468ba6b3f693995ea1d22c0afffdc927091274f17c739f7637042

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.7.2 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: W/"616f896b-2765b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19155)
Size:   52696
Md5:    93b754a58d7360f3be9906004194170a
Sha1:   1c9c0e8b4e49837a682b51608dcc5625791b431a
Sha256: 9c8b6d2d62f36ca6dca9018318e4d9716183c2f44475588357a5102d186cd183

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
etag: W/"60bfebf0-4705"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15224)
Size:   14635
Md5:    dba86f197fe53f3911ab6266b98af76b
Sha1:   9dca20829e9469ecc3301f9238612a12d475a3f8
Sha256: 005dd58c295c1adc8a4b3eae4e42311f1c8fe2e67ae88e2929f0f82fcf48a189
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
etag: W/"5ff5d754-592"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   6773
Md5:    3613d3f8cc5389a255239e2dcad9ffc7
Sha1:   276fb1cfba63795e09ae2d99bfa5eff187cbf9fd
Sha256: 92ce35638b34e233d1ab018384576db897925df85ac7e90fb3d13c59ad706efc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 20 Oct 2021 03:13:46 GMT
etag: W/"616f896a-3868"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   15948
Md5:    1089c40b4423a55f4e13c7b4b3e71efd
Sha1:   0f27963274a0be99732719d8ff8fa34489496318
Sha256: 590640c7ee27416babf7101625fa9e77d83d5c2ba4b934aa22197b1083f2c341
                                        
                                            GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: W/"616f896b-66b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9659
Md5:    da0a90e35038a002d51ce3363c2d2ab2
Sha1:   a8b918846bed5febd519e35a790399219919b22e
Sha256: 9b5e89476803a5ee5991a8480b2d5873ef48e4cf9d270e788a0f9be15b56e707

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5279
Cache-Control: 'max-age=158059'
Date: Sat, 17 Sep 2022 13:39:40 GMT
Last-Modified: Sat, 17 Sep 2022 12:11:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2019/02/14348243-0-phone-calling-1528453278.gif HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
content-length: 208813
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-32fad"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 800 x 600\012- data
Size:   208813
Md5:    0a9b2f8be4b68c99266eac77d7de0a65
Sha1:   75239b25b00aac6f0de0e2e5847f0b45ad30d6b0
Sha256: 60b5a7f8395205d2d4d8c1d53c7fe09d35266cd60ed0332510f77060ff530236
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5280
Cache-Control: 'max-age=158059'
Date: Sat, 17 Sep 2022 13:39:41 GMT
Last-Modified: Sat, 17 Sep 2022 12:11:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /rsrc.php/v3iLl54/y-/l/en_US/FcvJBB0C3rJ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:51:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /+e3nOfKJvb3CN3R047j5w==
x-fb-debug: iyPckTxc3HTw2NX3Zyt7LgL09ujmTX3NgqOTW0nPcIDeIwhS47q65G5zcOnMNgvo1G6e2cTMHzfirBXAgbDqFg==
priority: u=3,i
content-length: 8455
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2973)
Size:   8455
Md5:    ffe7b79ce7ca26f6f708ddd1d38ee3e7
Sha1:   6380b17543d221a6934c145232fc385aa965fa1d
Sha256: 9c68febd9ec67b45b9142a70128f1ab52fe3ec35b1d5749d15387ea514c8743a
                                        
                                            GET /rsrc.php/v3/yC/r/5RJiTHn6lGN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:05:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vmTNFzCQ46mOOKQi1ZMMVg==
x-fb-debug: +vySrWjEndZQFSjiEyL/F/9BW8CB1W+6NhMx0Yc2urSt5vAda/cN8Cve3Gz+MmDQ92vwoF3fff4adaprcucqqQ==
priority: u=3,i
content-length: 9071
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9954)
Size:   9071
Md5:    be64cd173090e3a98e38a422d5930c56
Sha1:   5c196fb94edb4d634bad160a99f3918260d23be3
Sha256: 0ffe4a73f2d08fa7dae5286e54d9e1f779422452cedfb44422a90ed24d409617
                                        
                                            GET /rsrc.php/v3/yM/r/a3eZamQ9G_u.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 03:05:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: RJohu9F/SyjiCbYqUg8owA==
x-fb-debug: xLHNhHLkr178H32HmhWjyNtmtDdH79gwx6Ov+KRXz+EHsvrsVt1+4OrKPgTmc0jMt0ylpISYrIqLJwoevWef/A==
content-length: 91358
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18569)
Size:   91358
Md5:    449a21bbd17f4b28e209b62a520f28c0
Sha1:   b63a99e69f6ed688707a0f4851c0a88fe5cb6faa
Sha256: dda01b644519466b782011bfbd33c652b8b7a691145ac1dfb314ba14ff86077d
                                        
                                            GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 23:45:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: lM3KJYxm5gRN0ZwSObgg0TF11Hk8r7NRw/G9YTck8t7gcNgsvzkJ52o8Yvy0CGSVTVDE00fYfn0by83tLznRgA==
content-length: 338
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (327)
Size:   338
Md5:    76f593e842677f73cd0a06232874b2c3
Sha1:   25a13f79478d5a0e286a2299dca2f3b296463079
Sha256: 74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
                                        
                                            GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:34:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: yHaVsWKUn5XaCek7JWQWqBHp73k4n7rZGOKYjUAlCOgsl3pJ5HBerO7+9gE7Ns+HF/UbPGzI6RNEuJW+jkzCFw==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (724)
Size:   827
Md5:    29973cf3b0ef9f16fe31ed981b2f6573
Sha1:   f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
Sha256: 476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
                                        
                                            GET /rsrc.php/v3/yx/r/kl5QvbCz5Lo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:25:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dhTvumF+I1roZJEeFaY6Jw==
x-fb-debug: qPt6wiIL6JTzYGXa8ZfctEouna6ChUt49gSNDx3TJM7bSdbfeVgZ0zb+AvTRx7X09aQsrdDD23ldd6Zj1qMekg==
content-length: 7311
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4129)
Size:   7311
Md5:    7614efba617e235ae864911e15a63a27
Sha1:   5eb6ee4e1d2db3866ebcbc35b76352c719c36255
Sha256: 3c2783c57f48e1b749c1065ddcdf2f5184582a2bc799b1ee832fdf79c62b9557
                                        
                                            GET /rsrc.php/v3iEpO4/y4/l/en_US/aToexfaV0S1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:46:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: WNvusaI7tE+r8sUOCIShcA==
x-fb-debug: jLvJQ5kQiAJbbOztlhwuWfCptGnDxGZ0+x683Fce/lG1zDVU7bx3FFe6M9HBasUZnjzVFWmpI3CSMmdJE1JptA==
content-length: 23388
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (42045)
Size:   23388
Md5:    58dbeeb1a23bb44fabf2c50e0884a170
Sha1:   c3c6a7b58d90c4b7b135758d99911465794dd9a2
Sha256: b49ba6b6ba373668ac5d82d37a0aa689d913579384477b5a7b8be059c2c2bd96
                                        
                                            GET /rsrc.php/v3/yS/l/0,cross/y-fVScwktOf.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:44:33 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: itpayv6mWWuOkL8QvAAMRg==
x-fb-debug: I7nrLw/M+PWM31t/qhRnG7aUiudZRnlD4tQmOGkBblfNWxWUDTF5j/mOifGxdPfmfPYFzsuIMQNsGaYs5WukDg==
content-length: 5175
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4093)
Size:   5175
Md5:    8ada5acafea6596b8e90bf10bc000c46
Sha1:   8b07405e279aaaa7e10831e606d6da4571e5c8da
Sha256: 6c28becc9f55376dcbc55265c5ce4342816239c60c65e9c1b41cbb2106ff7e2c
                                        
                                            GET /rsrc.php/v3/yI/r/p7aKdtolv_W.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:25:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rc0BsZdUmrBe1UdGqBFR+A==
x-fb-debug: 84dM+XUG+EjSql7h2FLj/hqPiaU/uyBnOSbpTFJ85zbVoO5Tv/aYtpwsZtfH/Nmcvj9P6DfgpBtdBVgP4AR8Rw==
priority: u=3,i
content-length: 12252
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5329)
Size:   12252
Md5:    adcd01b197549ab05ed54746a81151f8
Sha1:   edb56528c008d8a431e350179ff6df1aa40c2ae6
Sha256: e6456b195e1064b44db169404417d1c68777133c14d6188bd9ffdfc60e70393c
                                        
                                            GET /rsrc.php/v3/yd/r/ntijSEq_uQT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 23:21:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LmuPtcmfZfApCRChCNcLWQ==
x-fb-debug: Zt64ASrpp5OUDfsLnVtdGRz6nuLFvNqeyvJ9ptFXxfm3Gak9Sv0oA6QVzyp61RxzloPXUkNx11XOWElmUGtD9w==
content-length: 15970
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (7367)
Size:   15970
Md5:    2e6b8fb5c99f65f0290910a108d70b59
Sha1:   259614e8da07b8bb8f9f97145960c80d5a3a8301
Sha256: d78f36b2062bcb9f609e318cb082657e04ad0d1c89b090d7a88b44d1b390fcd1
                                        
                                            GET /wp-content/uploads/2019/02/thong-bao.png HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:41 GMT
content-length: 9806
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-264e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 130 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size:   9806
Md5:    6932d216ddf510c48550cc171fa3021d
Sha1:   7bca7eed81ce5bfc882f61cf98495a257ca61e0d
Sha256: 0a3984617bdd26e8134a871437d390b1a0d42e80c27b4050d9a9f5096336e9a6
                                        
                                            GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/fl-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:41 GMT
content-length: 5496
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-1578"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5496, version 1.0\012- data
Size:   5496
Md5:    7c6fbd8a2fc6d6788ac753dabb971aff
Sha1:   39d1384aa489b5d4616f8ecfe5b9f682f1a7a40a
Sha256: f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/webfont/1/webfont.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:36:43 GMT
expires: Thu, 14 Sep 2023 19:36:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 237778
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2134)
Size:   5437
Md5:    30ca3165d143baf2835023bfcf463450
Sha1:   62c662c0873b79a314c040fef28dcd29abb14480
Sha256: 4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
                                        
                                            GET /rsrc.php/v3/yH/r/xgVgalBG80z.png HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/y-fVScwktOf.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: image/png
                                        
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rB4cTW8WNZcBsFntToJGtA==
expires: Sat, 16 Sep 2023 23:53:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 1DfSeFMget/+jUtg3eO7B8onAj4coBQBhZkn3RaHK5kyVXciAmeHS8fNYStirCkLA5zU0e+WfgNQ3rjj6+Twqg==
content-length: 1315
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:41 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   2104
Md5:    2e81e9467eed1885ee8330b4774bc274
Sha1:   e7fc6a4b2c20de48cbcbc5788ac019f77f9cf456
Sha256: 446fe17053663555bb6e7fe3ef126484f4d64bb109b0226e28e7042bb95c26df

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 17 Sep 2022 13:39:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2021/09/cropped-logoo-tinhbotnghe-192x192.jpg HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:41 GMT
content-length: 7454
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-1d1e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   7454
Md5:    fbd484558afe9ac66d909569757d7d19
Sha1:   ca79b318196f07b54acbf856ed7b4d87c5b2ae91
Sha256: aaa9c3fa5289da5f52acc49688392c42f2f39a107d5487572532c3209077ecdd
                                        
                                            GET /wp-content/uploads/2021/09/cropped-logoo-tinhbotnghe-32x32.jpg HTTP/1.1 
Host: tinhbotnghenhungvan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         103.171.113.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 17 Sep 2022 13:39:41 GMT
content-length: 756
x-accel-version: 0.01
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "2f4-5cec02a94f0c0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Size:   756
Md5:    5084eb2f7ab38fdd13843cf7fc609957
Sha1:   4f54ca81bbcd564d3182f13bb97f769017a8ba4f
Sha256: b6f74386908d39eab9cdf68b3ef27b9d323a2621bccea32e59c65c49449618ae
                                        
                                            GET /rsrc.php/v3/yF/l/0,cross/I_DGZeWwnml.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 03:10:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: b/Cv+5Oss+IQ1otQ1n3UPA==
x-fb-debug: 1k0YT61gEOsVo+gRLdCvZDZ+4jMl7aJP0BxpBHXfOn4A9E5meFGYePVhRdOUNi2wCow/hQZVxW5CdauFrCe1Fw==
content-length: 4606
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (2642)
Size:   4606
Md5:    6ff0affb93acb3e210d68b50d67dd43c
Sha1:   932473e9c54275389c9ffd6bb3d088800e4f154a
Sha256: 064e887f9f9c30f3d45ce79a8d344a7cf6f83164ee979105f0d03088fe3626d2
                                        
                                            GET /rsrc.php/v3/yu/r/tLeBibDCksM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:14:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 6XkQh/QDXD+NA3ZGMVuDrw==
x-fb-debug: MvXjV9/5gGdNaS36plzHbFplJPqAmNtDJi5ITRkToK3GqEB5kRsJrn1H9ye74hPy03uEvBncry3k+lCZFnlezQ==
priority: u=3,i
content-length: 5589
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31949
Md5:    965cd2250d2293334bc6011467e1e424
Sha1:   43f1888010dfd74e495ea35a5bf75a16d617b1e6
Sha256: 891f8a911ac14dd94fd9304ec212936b923edf1241926038498366b4e613e693
                                        
GET /rsrc.php/v3/ye/r/XDHvEcqWdwa.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 23:57:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /ypceFcN0/V7NRsUc4GGGA==
x-fb-debug: WsIfWr2iECSuVYDDdCJF635w1GMivonw6bT0RVtTBuAJhcistrf/gf93egzo8CGh5VZ71myutgUJlcMQRHa/qg==
content-length: 5267
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   5366
Md5:    deab418cf90b4bdc8c47ce76af962d81
Sha1:   b91733fa7cb98c08e465b82540dcc70286c31838
Sha256: e24d9fbdc6030d69085c14404dcd88b0e76b840006a525a8db70a7c09112dea5
                                        
GET /rsrc.php/v3/yb/l/0,cross/cwBc1FhMd71.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 23:56:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QqSj4c8oBYvCLrg3tPfTlA==
x-fb-debug: ZK4FegtReklFyOti2CUmqNJXnQeims2Y/ADk68aBiH5/nP1INtn48koCwS5bEz5Xc41g5JlOudoHrSdC5+jEJw==
content-length: 4392
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10262)
Size:   4392
Md5:    42a4a3e1cf28058bc22eb837b4f7d394
Sha1:   94a1e3b3ef7b5b78bc4212044f67677eb3b91c48
Sha256: 4b8a4e5210ff0605bf57f43ea41b0ca2af6ca9aac060626a5457150810db8f2a
                                        
GET /rsrc.php/v3/yb/l/0,cross/XoZYMn1tCJX.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 00:42:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cVJelglnJTCt90SftyDe1A==
x-fb-debug: mP41lqS+bCSjOJ3wdwDIyrOCmQzQMINU7Zs1nnODb/cgLjK9K88qjS4vDurpJNVDbbGBL7MFGAp/vYCibZTKZg==
priority: u=1,i
content-length: 830
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1754)
Size:   830
Md5:    71525e9609672530adf7449fb720ded4
Sha1:   1e15747b57136f6cb2793b0503836e4f8aa12b05
Sha256: 1a897babe25dd7a40fe559da449b5f07506f35aa8ead0115bbd55819d6b0c6d2
                                        
GET /rsrc.php/v3/yx/r/OnlkVBHmhU5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:58:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: I7j9bD9KUVSjPzweNdy5Dw==
x-fb-debug: UnZ2Cv2TL5uX5gNe/yS92prZJ8zrFO3tDBKvWQAClcsy12q0QV0eYMDGGJQvIKq+cgk62D4iK/EmU4RF5FYScw==
priority: u=3,i
content-length: 16371
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15853)
Size:   16371
Md5:    23b8fd6c3f4a5154a33f3c1e35dcb90f
Sha1:   4423853ce11522c7524269013e7753c7f6213c8c
Sha256: 835037446a5392ff50b01617d33122a078a8ad886e9d07dbabeb91f02b4c9999
                                        
GET /rsrc.php/v3iEBX4/yV/l/en_US/CBpXBwkeiMb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 01:02:19 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: juxbgiLk4grn/enp7AP6Ww==
x-fb-debug: Lk9lGO4hcjoz7yFDlh1s1kWXNiUf6JXVbnVUOF348Bd2vsYv1TzCiB0upjtANr3JPV+lBP0eTjPUTf3ro8RtzA==
content-length: 8502
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6030)
Size:   8502
Md5:    8eec5b8222e4e20ae7fde9e9ec03fa5b
Sha1:   0d86a7995567e84f483559569f6dff454ece6c24
Sha256: af75b48fdd20abff68ab1328c1ac768b379ca856e881928999b2d53ee0de519a
                                        
GET /rsrc.php/v3/yb/r/DVU7dWqvHXN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 23:46:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KUV0aVPtfyqt2RvAsrHM/g==
x-fb-debug: /QCvyVkQHoC+/lFWhSIq2B5DxMzkB91qucFQAva5uouapGl5nJuh0WOH2PilbnqUN/RXb86T/oT8ru3Ky+5kug==
content-length: 5550
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (4719)
Size:   5550
Md5:    2945746953ed7f2aadd91bc0b2b1ccfe
Sha1:   3639a712bb93ae69c53b001ad51d193cbeece74a
Sha256: 2c84d5c120c9f219e31da05011207463d935bbeface344f9cb09879c3b8ba9ce
                                        
GET /rsrc.php/v3/yp/r/pOP_Kv5w2u7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
content-encoding: br
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Sep 2023 00:47:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: euryPx0NuBR0gJLJSU5GIw==
x-fb-debug: coG0PkmBb/aLBxhF1bKkY7k1w8xrRKpEz0E/fx3s8HU7tBiB4eKzKfOptprSVLEi1drl2VHmaZrU+FNlCNg/Xw==
content-length: 1248
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1404)
Size:   1248
Md5:    7aeaf23f1d0db814748092c9494e4623
Sha1:   4929104daa8a00ab222b12c5fb4802f10672ffd1
Sha256: 47c71ed2fcab851ed8947c4313bdeb44188d6c0f27810ea109bcf515eee1b6f4
                                        
GET /wp-content/uploads/2021/09/logo-tinhbotnghe-vannhung-1.png HTTP/1.1
Host: tinhbotnghenhungvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

103.171.113.239
HTTP/2 200 OK
content-type: image/png
server: nginx
date: Sat, 17 Sep 2022 13:39:41 GMT
content-length: 96548
last-modified: Wed, 20 Oct 2021 03:13:47 GMT
etag: "616f896b-17924"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10426
Md5:    fa4ad18d1fc36fa88e3680c20e1d1a61
Sha1:   bde4d3abf73cbd341a347979ac28fad8b2835910
Sha256: 141314a07b3470d7bbbec5a711fb10382865d915a1450620c15de95501b96606
                                        
GET /v/t39.30808-6/307152551_3271882666433351_2428457916423439123_n.png?stp=dst-png_p110x80&_nc_cat=100&ccb=1-7&_nc_sid=8024bb&_nc_ohc=YNVBtpLPaxEAX9JorCA&_nc_ht=scontent-arn2-2.xx&oh=00_AT8ajH46JXC0ijZ3-dYakCy9NP-6hJZwnlHHUPKXUENXFw&oe=632AD854 HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

157.240.194.27
HTTP/2 200 OK
content-type: image/png
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 15 Sep 2022 08:48:25 GMT
x-haystack-needlechecksum: 1028275525
x-needle-checksum: 3328787811
content-digest: adler32=1517394343
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 26479
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 110 x 147, 8-bit/color RGB, non-interlaced\012- data
Size:   26479
Md5:    940aa2f6de9c48866b8734ec8502ff65
Sha1:   a132101e7be25245e2db8005a087b9b22f0cf09d
Sha256: c53c75e5fca210b42ecc1564752064495e99386f98fe0f2b7a4a277553f32ac5
                                        
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: tinhbotnghenhungvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: W/"6048e0ac-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   32793
Md5:    40eeed45ee843ad59fd2bffd28cb78ed
Sha1:   95c7a21199447848cf118cd96f98e7784f82c2f5
Sha256: c66016f25a961e2e9164564a5a47b27df9f78c3af2effbce0d4a571de1247650
                                        
GET /rsrc.php/v3/yD/r/MKQzjVd1bVq.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/y-fVScwktOf.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: l20F61ct/3QC2rM+eGjRow==
expires: Sat, 16 Sep 2023 13:09:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: E4S3Cp1Ru1svhaBU4Tte4QzwsArEd6EtOOS68eB+wzLfPJxoWdVgflZDmGjBON3Qj+AVV18AlCGT2pDg/PlLnA==
priority: u=3,i
content-length: 548
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Size:   548
Md5:    976d05eb572dff7402dab33e7868d1a3
Sha1:   6de347f502856325e90de1fd137382cc2f61dc75
Sha256: 83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
                                        
GET /images/emoji.php/v9/t34/1/16/23f0.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

31.13.72.12
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: hn/ucKTkDbeQ5FjY77AlsA==
expires: Sun, 17 Sep 2023 02:34:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: dQ9scqyCzXVuaA6MSMxTG91Gr8YwQLiOWwZO9iUBGpq+A+Mv1BjdibOaUfasd0Uw06mHPM9ZP+/9jO3lMedxtQ==
priority: u=3,i
content-length: 653
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 13:39:42 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   653
Md5:    867fee70a4e40db790e458d8efb025b0
Sha1:   eb614d71e5532d239bacc1a666deb11e40b29519
Sha256: 842e505a67f3b39a40a56760ca14b1aad7df6f33ca530a3c9f8c594cf082287e
                                        
GET /css?family=Baloo HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 13:39:40 GMT
date: Sat, 17 Sep 2022 13:39:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: tinhbotnghenhungvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

103.171.113.239
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
etag: W/"612efc26-13abe"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvsisnetidc&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=948110208640186 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
x-fb-debug: ev0/DetXSz+ymrhaR96/83zzk4lCyPOMecSucu7KSERJ3NrzBPZtFMB5LfrKc7viRXjxh+zWGTpy2StCXZcIog==
date: Sat, 17 Sep 2022 13:39:41 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: tinhbotnghenhungvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinhbotnghenhungvan.com/oko/20605e21a427406/login.php?signin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

103.171.113.239
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 17 Sep 2022 13:39:40 GMT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /oko/20605e21a427406/login.php?signin HTTP/1.1
Host: tinhbotnghenhungvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

103.171.113.239
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
server: nginx
date: Sat, 17 Sep 2022 13:39:39 GMT
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://tinhbotnghenhungvan.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---