Report - www.tsg.com.vn/@@@/

Report Overview

Submitted URL
www.tsg.com.vn/@@@/
IP
210.211.113.137
ASN
#38731 CHT Compamy Ltd
Submitted
2023-03-08 18:10:56
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-25T05:18:47Z	392 B	917 B	188.114.99.234
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413 B	5.9 kB	34.160.144.191
www.micstatic.com	120170	2015-07-22T23:43:48Z	2023-03-24T13:00:05Z	2.1 kB	68 kB	104.18.21.229
pylon.micstatic.com	156834	2021-01-28T23:23:12Z	2023-03-24T05:50:26Z	319 B	15 kB	104.18.21.229
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-25T05:22:40Z	394 B	87 kB	142.250.74.168
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-24T23:38:25Z	481 B	578 B	216.58.207.227
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-25T05:09:35Z	759 B	444 B	216.239.32.36
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-25T03:27:58Z	1.1 kB	1.0 kB	209.85.233.156
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-25T05:43:07Z	409 B	917 B	188.114.99.234
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782 B	2.4 kB	35.241.9.150
www.tsg.com.vn	unknown	2015-06-21T13:07:50Z	2023-03-12T23:08:43Z	3.5 kB	151 kB	210.211.113.137
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	3.3 kB	63 kB	34.120.237.76
ocsp.dcocsp.cn	33518	2018-11-07T14:15:36Z	2023-03-25T05:38:30Z	338 B	1.1 kB	47.246.44.225
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-25T05:37:21Z	370 B	21 kB	216.58.211.14
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	606 B	349 B	31.13.72.36
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	54.184.15.26
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-25T05:09:34Z	3.8 kB	7.7 kB	142.250.74.3
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-25T03:33:52Z	689 B	2.1 kB	142.250.74.98
www.google.com	7	2015-05-10T13:11:19Z	2023-03-24T05:25:30Z	1.2 kB	1.2 kB	142.250.74.164
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	1.7 kB	4.4 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-25T04:18:49Z	2.0 kB	4.6 kB	192.229.221.95
www.made-in-china.com	95945	2012-05-30T17:33:15Z	2023-03-24T14:20:56Z	882 B	30 kB	104.18.31.240
fa.micstatic.com	153248	2020-03-25T06:07:14Z	2023-03-24T05:50:26Z	6.0 kB	1.9 kB	104.18.25.206
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-25T05:10:32Z	1.4 kB	14 kB	204.79.197.200
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-24T18:12:14Z	371 B	29 kB	31.13.72.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-08	medium	www.tsg.com.vn/@@@/	Made-In-China

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-08	medium	www.tsg.com.vn/@@@/	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/jquery-3.3.1.js.pagespeed.ce.hdmzM_lBi9.js	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/jquery-3.1.1.min.js.pagespeed.jm.SQZXth9lpM.js	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/jquery.min.js.pagespeed.jm.pJg2D_p7ze.js	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/jquery-3.2.1.slim.min.js	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/popper.min.js	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/jquery-3.2.1.slim.min.js	Phishing
2023-03-08	medium	www.tsg.com.vn/@@@/js/popper.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	www.tsg.com.vn/@@@/	423 B	2023-03-07	2024-04-18
Pretty URL www.tsg.com.vn/@@@/ IP 210.211.113.137 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:52 Times Seen209 Hash 8a09c565a275efe2ce5842ab478db31e 99b6847a2eb4bbda95e8e012628c0d7c0f616124 906d76ac0dcec17f85e4b663f14d199e7ddd704bbf3c30cd01b7e766db0ef2e7 Loading...

	www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144	43 kB	2023-03-07	2023-08-21
Pretty URL www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-08-21 13:26:16 Times Seen97 Hash 822ea3240b208f1f999f7b310a5822a5 45770ed738c820889f01b765d69ddb7fa11e0150 2d5936bdf065891a6b78defc315eaefd9c44360668642651b69341b23d13433f Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-23
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 188.114.99.234 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-23 19:01:01 Times Seen136342 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	www.tsg.com.vn/@@@/js/jquery.min.js.pagespeed.jm.pJg2D_p7ze.js	86 kB	2023-03-09	2024-03-21
Pretty URL www.tsg.com.vn/@@@/js/jquery.min.js.pagespeed.jm.pJg2D_p7ze.js IP 210.211.113.137 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:44:26 Last Seen2024-03-21 11:15:22 Times Seen43 Hash a498360ffa7bcdeb9644e0d383d018b1 93b7f9e6efe9d4afe1676a774fcf14a6eeda936f a4a77b39749094c8cee18f51d59ee83b96e67a6ffea0ae9b60cf56955002175a Loading...

	pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144	38 kB	2023-03-13	2023-03-26
Pretty URL pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:28 Last Seen2023-03-26 09:55:31 Times Seen15 Hash b3d3c61f8a845445bef112b094a82023 7fd89c9dcad1091e23af5f270f104b7b3ce20882 dc36c7b22d553d35878fe03a31df321ef669b3da2f03b8328efc6e3bf3eaeac2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144	275 kB	2023-03-25	2023-03-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:42:13 Last Seen2023-03-25 23:42:13 Times Seen1 Hash 1bd2987d2315fcbe262f6d9ba565b90d 25ccc3becd1766db581d63af8e0a0312a50dd137 726a71ba36be574123ef1d82b38b96b90243961ed19fdf175c53285527e51062 Loading...

	www.tsg.com.vn/@@@/js/jquery-3.1.1.min.js.pagespeed.jm.SQZXth9lpM.js	87 kB	2023-03-08	2024-02-29
Pretty URL www.tsg.com.vn/@@@/js/jquery-3.1.1.min.js.pagespeed.jm.SQZXth9lpM.js IP 210.211.113.137 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:33:52 Last Seen2024-02-29 01:05:04 Times Seen45 Hash 490657b61f65a4c220a10a1a52409a00 34e7708cb3f51eba868ff61d476c4d3938356f51 6679ae91d4ca66157cf116f25267f7c0bb6021d472bca24b3a32290061f3b7d4 Loading...

	www.tsg.com.vn/@@@/	624 B	2023-03-13	2023-04-29
Pretty URL www.tsg.com.vn/@@@/ IP 210.211.113.137 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:24:40 Last Seen2023-04-29 20:06:04 Times Seen3 Hash e70b13e0cfd0a78c59d4f0d73e8528f8 5fff1cac8979d0e0a7cfe512fd12d0256df6e806 91117ed25f1ffee442e31c0c93272fca83918570d801eaa9b2fffa71499aae7f Loading...

	www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144	12 kB	2023-03-07	2024-04-18
Pretty URL www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:52 Times Seen339 Hash 95467c965832dc00267d2a325d82c001 29bf7b62fa29d3ecbde481d61b756367dddfec5d a1c95b6fb809e633322e011fe013c565faeb61264527ce028d53387fba3b4924 Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-14	2024-03-21
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:32:51 Last Seen2024-03-21 21:10:25 Times Seen3047 Hash 43998db2f3a554f89cbcd180dbb3ea1e 06fae8bb316c67dfd3702577e743bc5ffc5b05a4 0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363 Loading...

	bat.bing.com/p/action/13001299.js	0 B	2023-03-07	2024-04-23
Pretty URL bat.bing.com/p/action/13001299.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 19:02:07 Times Seen37023804 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.tsg.com.vn/@@@/	4.2 kB	2023-03-13	2023-04-29
Pretty URL www.tsg.com.vn/@@@/ IP 210.211.113.137 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:24:40 Last Seen2023-04-29 20:06:03 Times Seen3 Hash 9b716ed4cd05ca0a3050315a33c0b2ee df356c29851856fb0435189b7083244ff6f2cdf6 3e452ef7fa7a90cd23b311c5d898e79cf19c7bb1a822d164eaa803d82c542ddc Loading...

	www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144	85 kB	2023-03-07	2024-04-18
Pretty URL www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-18 07:48:53 Times Seen155 Hash c727cdcf1f851383293dfa1bff462722 ada0c63651e642891f4fd5905eefcf28d3ad4baf 40707e9d2cf9581ad9fcc531e1626245a63ae9d25e8e9df268b9bc2106683653 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	bat.bing.com/bat.js	41 kB	2023-03-14	2023-04-13
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:22:45 Last Seen2023-04-13 21:32:40 Times Seen28 Hash 1f54a3702fef2e7236fc6323eb43a933 181996a01b327039e264e2fe62d82b604e7803a6 fd950cb8a6d31a66c86264671999670b5b5dd36f2ae647ae1247c021922603ce Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1678299048061&cv=11&fst=1678299048061&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=184139041.1678299048&rfmt=3&fmt=4	2.6 kB	2023-03-25	2023-03-25
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1678299048061&cv=11&fst=1678299048061&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=184139041.1678299048&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:42:13 Last Seen2023-03-25 23:42:13 Times Seen1 Hash 6d70e860f6d2d3c593aa50c6cfc33d9e e7e8e4789e5680abf66539035837f1713bb1478d 120df3020f779fa6692f89bcbaa9be6c01c4ccf8a8f61b56460a2ed61f872554 Loading...

	connect.facebook.net/signals/config/2037053586588160?v=2.9.98&r=stable	387 kB	2023-03-13	2023-04-06
Pretty URL connect.facebook.net/signals/config/2037053586588160?v=2.9.98&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:14:38 Last Seen2023-04-06 20:49:27 Times Seen38 Hash 0f2bfcdccc4270b80546b64703111d3f 1dc9bce743ca72a99b499d3a20f32eeaff3e0b11 ce0382468be29543ad03fee0904cafd396fa8c2fb608519d5da29643f042ce1d Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-23
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 188.114.99.234 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-23 18:54:39 Times Seen243573 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	www.tsg.com.vn/@@@/	1.9 kB	2023-03-13	2023-03-25
Pretty URL www.tsg.com.vn/@@@/ IP 210.211.113.137 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:24:40 Last Seen2023-03-25 23:42:13 Times Seen2 Hash 4ecd9676081bcc450e5883d6662f8615 903a1a1628f81ca31eda717645ac50b9999839cf b6df7228290bb44882b473847f7e9e8a96952dd259a97c3d099c226ebcb3a3af Loading...

	www.made-in-china.com/faw-store.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.made-in-china.com/faw-store.html IP 104.18.31.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-04-05 02:01:11 Times Seen31 Hash b9499081fdda5abcccaf45ded37dea11 0e4a72d1fa8e1f868df6c11cd68ab904d59653dd 2c52a305241ca743835be48315d9913e2d3857e826a9c5a8a74bec0157907e21 Loading...

	www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c	244 kB	2023-03-25	2023-03-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 23:42:13 Last Seen2023-03-25 23:42:13 Times Seen1 Hash 169e4b97170be4c7d1fef98331c06c90 d81810010d11b69c9291155d0b49945d4c056a39 fe527c6455beee08cc5a5a03a021c125e664296eca59488825c5138b7dda030b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5f06f61cf6ac55db29f1bfd302257331	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 5f06f61cf6ac55db29f1bfd302257331 78de01e817370cb8310801e2f66be0d33099f82c 7d700ca9f03f467b4a3f58a598871f71c4bc8ae368b6a986e41b3e6584670165 Loading...

	#2 Eval - 4d12a11d93617efa27441f47869d156d	401 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-23 18:48:20 Times Seen625 Hash 4d12a11d93617efa27441f47869d156d 70dd822485874fe16f334468bfffe5dad153abbd 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d Loading...

	#3 Eval - 8c6111627570105b72c66ae4a136ad6c	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 8c6111627570105b72c66ae4a136ad6c 6b7122f256493ff4b4288c01b1766b772797be96 e1ecbf397014aadd393ea098a3d9c9e4f2e75fc8d2466ee3823302b0855e3afd Loading...

	#4 Eval - 8e535fdc93d8214dc44f3555fb9b7430	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 8e535fdc93d8214dc44f3555fb9b7430 656c3b48682e3158985a8c4101ebe29158ec0e79 deaf1dce980857d82e49407063fc48aad4b2fb87e45f46b4c81aaf02fff1075a Loading...

HTTP Transactions (74)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Wed, 08 Mar 2023 19:58:21 GMT
Date: Wed, 08 Mar 2023 18:10:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f2c901fe04f9e3d18e9c3387b076780
3f0115cd05d7857a8119eff0479f5812df155d3d
84518fa2565f7f63933d3c552e1dc07f84c71f4a3df5d2821484c371ef57b924

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84518FA2565F7F63933D3C552E1DC07F84C71F4A3DF5D2821484C371EF57B924"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13646
Expires: Wed, 08 Mar 2023 21:58:11 GMT
Date: Wed, 08 Mar 2023 18:10:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Mar 2023 18:08:50 GMT
content-type: application/json
age: 115
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d096b44c5db01960a5d03dbb2a238c0
8e818de0e82041f2d9edeb14ddaf3916983b3729
8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14579
Expires: Wed, 08 Mar 2023 22:13:44 GMT
Date: Wed, 08 Mar 2023 18:10:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 0teTXWayN5fYcYWmmrwfpXQA96EpqH/HI7jSN9eqYGCQ2eD82hzSpZ/COPrIp78cYIm0Wo8npjM=
x-amz-request-id: A3MGTQMJM9MCH1A1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Mar 2023 17:35:43 GMT
age: 2102
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.tsg.com.vn/@@@/

210.211.113.137

200 OK

4.9 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (4240), with CRLF line terminators
Size
4.9 kB (4858 bytes)
Hash
c15da1fa5dc2ecc702f1042e47e6e4c2
3a87da03868ae112add711384fdaf80ced48bee0
731e944bde4268157fd7a5484feb3ca1f38dd3bc16a51ee17e41e9a2da1ef650

Detections

Analyzer	Verdict	Alert
openphish	Made-In-China
fortinet	Phishing

HTTP Headers

GET /@@@/ HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:45 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Length: 4858
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=gb2312

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 18:10:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Last-Modified, Retry-After, Expires, Pragma, Content-Length, Cache-Control, Alert, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Mar 2023 17:12:30 GMT
age: 3496
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.tsg.com.vn/@@@/js/jquery-3.3.1.js.pagespeed.ce.hdmzM_lBi9.js

210.211.113.137

200 OK

8.1 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/js/jquery-3.3.1.js.pagespeed.ce.hdmzM_lBi9.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF line terminators
Size
8.1 kB (8053 bytes)
Hash
41dd44455bcf93c604c4feaa1b25222c
fc11eb6b8a6cb331078ff2a6f9415d83b1da9f27
9d316b235e0d282a0e3fe446804054228c435cd6be489c7b8525fd2bbcd7254e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/jquery-3.3.1.js.pagespeed.ce.hdmzM_lBi9.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
X-Original-Content-Length: 19465
Last-Modified: Mon, 26 Dec 2022 23:10:21 GMT
Expires: Thu, 07 Mar 2024 18:10:46 GMT
Cache-Control: max-age=31536000
Etag: W/"0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8053
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

www.tsg.com.vn/@@@/js/jquery-3.1.1.min.js.pagespeed.jm.SQZXth9lpM.js

210.211.113.137

200 OK

30 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/js/jquery-3.1.1.min.js.pagespeed.jm.SQZXth9lpM.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30022 bytes)
Hash
05a6cebbf00558cde3d3c7e6ec040c18
1cc7eacb131ca3b716e50c9f762bf058afe367c9
c65932ba41ed038ded95ffb46d3a0369e0e41171d38f8bcc5ed49d68df95903f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/jquery-3.1.1.min.js.pagespeed.jm.SQZXth9lpM.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:45 GMT
Server: Apache
Accept-Ranges: bytes
Expires: Thu, 07 Mar 2024 17:48:48 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Wed, 08 Mar 2023 17:48:48 GMT
X-Original-Content-Length: 86715
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30022
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.tsg.com.vn/@@@/js/jquery.min.js.pagespeed.jm.pJg2D_p7ze.js

210.211.113.137

200 OK

30 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/js/jquery.min.js.pagespeed.jm.pJg2D_p7ze.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29761 bytes)
Hash
6f15ba43884527fda173e87dc25ac655
01a7c823f6b640b6d6b770b4606e2c8c5ec1f3bf
001fca0aa9f41d7098661bee084490bc92ef357dd425ca4f3b2eb77c7b8b6615

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/jquery.min.js.pagespeed.jm.pJg2D_p7ze.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:45 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Expires: Thu, 07 Mar 2024 17:48:48 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Wed, 08 Mar 2023 17:48:48 GMT
X-Original-Content-Length: 85584
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29761
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e40f37168f4abba1e0efa6ca4de1e709
731d36cf841f1b889d9dca71abf406a186325aed
a9d8a1030ec5e70745f085f90e35a4b8832956ff20bd6719f3dbe6dd7291fc05

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9D8A1030EC5E70745F085F90E35A4B8832956FF20BD6719F3DBE6DD7291FC05"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13639
Expires: Wed, 08 Mar 2023 21:58:05 GMT
Date: Wed, 08 Mar 2023 18:10:46 GMT
Connection: keep-alive

www.tsg.com.vn/@@@/js/jquery-3.2.1.slim.min.js

210.211.113.137

404 Not Found

70 B

URL HTTP/1.1
www.tsg.com.vn/@@@/js/jquery-3.2.1.slim.min.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text
Size
70 B (70 bytes)
Hash
d530c90f8568c6325a5f2559df38c0d5
07fa1d8ff12821c26c60bdf735b047fb3aaf9b2f
6d10157d721435fe9f59fe15a2297a1ab113997462ef2cce9cf23d4c62f25701

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 404 Not Found
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.tsg.com.vn/@@@/js/popper.min.js

210.211.113.137

404 Not Found

70 B

URL HTTP/1.1
www.tsg.com.vn/@@@/js/popper.min.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text
Size
70 B (70 bytes)
Hash
d530c90f8568c6325a5f2559df38c0d5
07fa1d8ff12821c26c60bdf735b047fb3aaf9b2f
6d10157d721435fe9f59fe15a2297a1ab113997462ef2cce9cf23d4c62f25701

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/popper.min.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 404 Not Found
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.tsg.com.vn/@@@/css/logon_40922b23.css

210.211.113.137

200 OK

20 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/css/logon_40922b23.css
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19652 bytes)
Hash
d616e5834d63c26a1ec9d5af3e4bafb7
4cbb03171d72b9b3cbb8d2c2d989acfb42c2f294
ffb37fdcebc0b4577c6c8af31002ade5ab0a7a07f3592ea1c8a18372cab4fa07

HTTP Headers

GET /@@@/css/logon_40922b23.css HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Length: 19652
Last-Modified: Mon, 26 Dec 2022 23:10:21 GMT
Accept-Ranges: bytes
Etag: W/"PSA-Fx_wrh7tEQ"
Vary: Accept-Encoding
X-Original-Content-Length: 128804
Content-Encoding: gzip
Expires: Wed, 08 Mar 2023 18:12:47 GMT
Cache-Control: max-age=300, s-maxage=10
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100
Content-Type: text/css

push.services.mozilla.com/

54.184.15.26

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.15.26:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SlD4xuL1JNkRkpARtssIqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F+XVurVUJUwJM1neTwtIqK+zlb8=

www.tsg.com.vn/@@@/js/jquery-3.2.1.slim.min.js

210.211.113.137

404 Not Found

70 B

URL HTTP/1.1
www.tsg.com.vn/@@@/js/jquery-3.2.1.slim.min.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text
Size
70 B (70 bytes)
Hash
d530c90f8568c6325a5f2559df38c0d5
07fa1d8ff12821c26c60bdf735b047fb3aaf9b2f
6d10157d721435fe9f59fe15a2297a1ab113997462ef2cce9cf23d4c62f25701

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 404 Not Found
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.tsg.com.vn/@@@/images/sign-default-buyer.jpg

210.211.113.137

200 OK

51 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/images/sign-default-buyer.jpg
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Size
51 kB (50601 bytes)
Hash
13135ad92eb99d07c327ff74ce20aee9
d9f2b8f3cfa44573e7572756453ee928d8500dc8
c057f03b4b7b6815aa46b4b3e03e8566a3bb5998e33eed75dcacdefb53f07747

HTTP Headers

GET /@@@/images/sign-default-buyer.jpg HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Content-Length: 50601
Last-Modified: Mon, 26 Dec 2022 23:10:21 GMT
Accept-Ranges: bytes
Etag: W/"PSA-ExNa2S65nQ"
Expires: Wed, 08 Mar 2023 18:12:47 GMT
Cache-Control: max-age=300, s-maxage=10
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
afbc9408ba50644d252e0f7cf7d15594
7df48784837d23c2f004eaaad0b86194292db292
e05816224cee6b81473d2c5ea5257f7528d98549d78ff04b5e1289b3b6cffd67

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6547
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:46 GMT
Last-Modified: Wed, 08 Mar 2023 16:21:39 GMT
Server: ECAcc (ska/F6E1)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
afbc9408ba50644d252e0f7cf7d15594
7df48784837d23c2f004eaaad0b86194292db292
e05816224cee6b81473d2c5ea5257f7528d98549d78ff04b5e1289b3b6cffd67

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3860
Cache-Control: max-age=135737
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:46 GMT
Etag: "64082fcb-1d7"
Expires: Fri, 10 Mar 2023 07:53:03 GMT
Last-Modified: Wed, 08 Mar 2023 06:48:43 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
afbc9408ba50644d252e0f7cf7d15594
7df48784837d23c2f004eaaad0b86194292db292
e05816224cee6b81473d2c5ea5257f7528d98549d78ff04b5e1289b3b6cffd67

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:46 GMT
Last-Modified: Wed, 08 Mar 2023 17:26:48 GMT
Server: ECAcc (ska/F749)
X-Cache: HIT
Content-Length: 471

www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2

104.18.21.229

200 OK

4.6 kB

URL HTTP/2
www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 257 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4621 bytes)
Hash
b173e18fb61eb3d489bfad3b2ea570fe
71703d796c502703619ec696e447c937f700b605
488ea251bdaf29ab45c94699fef89ad3368bfef0c0f24b671dcbefd4e474679d

HTTP Headers

GET /common/img/logo-2019/logo_d0822075.png?v=2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:46 GMT
content-type: image/png
content-length: 4621
last-modified: Wed, 16 Jun 2021 11:14:07 GMT
etag: "60c9dcff-120d"
expires: Sat, 05 Mar 2033 18:10:46 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: HIT
age: 237922
accept-ranges: bytes
set-cookie: __cf_bm=vNTLDlHQ2YxVd03_BoUtGAwTQCNT0eneZJX0dHR.e8s-1678299046-0-AYr4UTXXB6N5VYCXU9m+bopVft5NcBwLClbl57AqPriNJK9rtfMQMIEL9ZiP3xwQNi0uM0yoS9VXih3Deit5BXw=; path=/; expires=Wed, 08-Mar-23 18:40:46 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a4d09739e04b512-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
afbc9408ba50644d252e0f7cf7d15594
7df48784837d23c2f004eaaad0b86194292db292
e05816224cee6b81473d2c5ea5257f7528d98549d78ff04b5e1289b3b6cffd67

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1224
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:46 GMT
Last-Modified: Wed, 08 Mar 2023 17:50:22 GMT
Server: ECAcc (amb/6AD1)
X-Cache: HIT
Content-Length: 471

www.tsg.com.vn/@@@/js/popper.min.js

210.211.113.137

404 Not Found

70 B

URL HTTP/1.1
www.tsg.com.vn/@@@/js/popper.min.js
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
ASCII text
Size
70 B (70 bytes)
Hash
d530c90f8568c6325a5f2559df38c0d5
07fa1d8ff12821c26c60bdf735b047fb3aaf9b2f
6d10157d721435fe9f59fe15a2297a1ab113997462ef2cce9cf23d4c62f25701

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@@@/js/popper.min.js HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 404 Not Found
Date: Wed, 08 Mar 2023 18:10:46 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103

104.18.21.229

200 OK

26 kB

URL HTTP/2
www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 25720, version 1.0\012- data
Size
26 kB (25720 bytes)
Hash
90c821175fe52b5e89497d4249dce3b6
0bbacc3050dcf88f37fd6042a6719f83ba6ad83a
18a097b5625eaee94db4a26223016d2f31b7b5f5529bc599ea183f551e5c13d3

HTTP Headers

GET /common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.tsg.com.vn
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:47 GMT
content-type: font/woff2
content-length: 25720
last-modified: Tue, 07 Jun 2022 11:17:37 GMT
etag: "629f33d1-6478"
expires: Sat, 05 Mar 2033 18:10:47 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=a46EQUfTmmGZRjMOtS2YqJMOdUWTaRH3rXdGeVxCxrA-1678299047-0-AWXriQluWn8rFeKkzMnRXUpwvY0Mk0oe0xhy23n+i2LDKQlDLRbRbIE1i0VUGKu4b3YC9i+s79Ea/TGuKlTPZcE=; path=/; expires=Wed, 08-Mar-23 18:40:47 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a4d0973aa5ab51d-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2

104.18.21.229

200 OK

20 kB

URL HTTP/2
www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 19832, version 2.8978\012- data
Size
20 kB (19832 bytes)
Hash
ed2022705048507e5995ee72717e7fd4
570864c3bccc3e0e203fdd67be3cf850387faefb
e7f4f778ddb41b7be2d20810bb560acee79da55ed5d3eeac12f2bb8948f4453a

HTTP Headers

GET /common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.tsg.com.vn
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:47 GMT
content-type: font/woff2
content-length: 19832
last-modified: Wed, 16 Jun 2021 11:14:08 GMT
etag: "60c9dd00-4d78"
expires: Sat, 05 Mar 2033 18:10:47 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=fXozRZbuavBFb8VoQzu81NCBPWFUAP7JNF5ICvNjRHk-1678299047-0-AXOXTAnwYWENUgJRoXZI0kbEz3fMfjCLrBrfWaAxZ9B+gCRIkwureFB0hJqyAHnv8/4V3x7DtQQEOtmBUKImSUo=; path=/; expires=Wed, 08-Mar-23 18:40:47 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a4d0973cac8b51d-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144

104.18.21.229

200 OK

4.9 kB

URL HTTP/1.1
www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12263)
Size
4.9 kB (4919 bytes)
Hash
c39de83ef51f8d1e60801ba805a75280
1e1306b6f18bffcd2e6b22067c6f5013d63b331c
d4eee3d5d7c0c0bc4aef62661633e75c06664f39dd7961ff485a4196e5ce893d

HTTP Headers

GET /common/js/libs/faw/faw.1.0.0.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Sep 2021 13:44:55 GMT
ETag: W/"613b6157-3042"
Expires: Sat, 05 Mar 2033 18:10:47 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Set-Cookie: __cf_bm=TfZ8sDwpGyRXwlMyZ8WS_Ufprqaec9M7UQm3jSFiGAo-1678299047-0-AW8I1m/dOReQZNjmlj3xBmTcmX9ZOYmlhKualflqLhy2edd+4lA7jnbsFMMgWaoQCIpTr8Q6IYHs0oQtBQ9HJB4=; path=/; expires=Wed, 08-Mar-23 18:40:47 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4d09740b0eb4fa-OSL

www.made-in-china.com/faw-store.html

104.18.31.240

301 Moved Permanently

178 B

URL HTTP/1.1
www.made-in-china.com/faw-store.html
IP
104.18.31.240:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Mar 2023 18:10:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.made-in-china.com/faw-store.html
Timing-Allow-Origin: *
Origin-Agent-Cluster: ?0
CF-Cache-Status: HIT
Expires: Wed, 08 Mar 2023 22:10:47 GMT
Cache-Control: public, max-age=14400
Set-Cookie: __cf_bm=180etw7IRAyE.lJTxGGu0knUA2oKsGNMvfvZAPMZtno-1678299047-0-Af3d3mz2qEKdugjyTLEjTUUoMCpWddSNKVZHqO/LNlDFn48EY7KHAbjjpPWMAi9tX5ibmzyKxVVyLGPVELu6AQE=; path=/; expires=Wed, 08-Mar-23 18:40:47 GMT; domain=.made-in-china.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4d09751c9a1c0a-OSL

www.tsg.com.vn/@@@/images/favicon.ico

210.211.113.137

200 OK

4.3 kB

URL HTTP/1.1
www.tsg.com.vn/@@@/images/favicon.ico
IP
210.211.113.137:0
ASN
#38731 CHT Compamy Ltd

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
db52c84bd7417fdc629f75300e5ce80c
ce8036fbd7714ce312034d7702fd2904a39bf6c1
85c7cda25b4a324b82f4e0efd6ae2eee4d606b9552c24a47eab44155f4d620c7

HTTP Headers

GET /@@@/images/favicon.ico HTTP/1.1
Host: www.tsg.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/@@@/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:47 GMT
Server: Apache
Last-Modified: Mon, 26 Dec 2022 23:10:21 GMT
Accept-Ranges: bytes
Content-Length: 4286
Cache-Control: s-maxage=10
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/x-icon

pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144

104.18.21.229

200 OK

15 kB

URL HTTP/1.1
pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (38008)
Size
15 kB (14670 bytes)
Hash
cc849cf99ac1cbb4ce16dda28d858efb
51b30cc47132410a35aa114f9a07da93c185be0b
a6a1b541ef14661a4d286b7f37a238e364913c777d0c677a92013f6d9a19be12

HTTP Headers

GET /gb/js/assets/probe/probe.min.js?r=1634120031144 HTTP/1.1
Host: pylon.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 08:07:37 GMT
ETag: W/"63c11149-9499"
test: mic_test
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 87296
Expires: Wed, 08 Mar 2023 22:10:47 GMT
Cache-Control: public, max-age=14400
Set-Cookie: __cf_bm=H2LT9ki1aDNwq2cwsNBHG5jS8t_ms0bV7LLFyT4zyY8-1678299047-0-ASfackH54Y5A4L0biodWJMauQlj5ERnwHabyXpdWCrzu3NHQo4qax7XSEIOEt8Jnxbi1Wp/zsaD+WgSIe/QnoKM=; path=/; expires=Wed, 08-Mar-23 18:40:47 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4d0975bcb5b4ff-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5457
Expires: Wed, 08 Mar 2023 19:41:44 GMT
Date: Wed, 08 Mar 2023 18:10:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cd018ed-7ccb-4718-8ca8-722523738a19.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cd018ed-7ccb-4718-8ca8-722523738a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10282 bytes)
Hash
3b4c2db9869c88bae7d0404c1dcec413
e7c7dcc46ce107a7a026c0d4b4f2628c8e9b2f00
bec9134b244ba67c17b521040803ab01fb15e20f51b5d2f087b78a5c21b871bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cd018ed-7ccb-4718-8ca8-722523738a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10282
x-amzn-requestid: 1e8e3352-2149-4709-a610-a2c2a0cffe21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_TFcEoAMFskw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2e-76c8b341197f21f532ad217b;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 2aJLaEagp3pR99q8_TMMjt3XPS4xlu7L38AuW0huFinOlP4zh2bVAw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:02 GMT
age: 73785
etag: "e7c7dcc46ce107a7a026c0d4b4f2628c8e9b2f00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd649076-65ef-4252-b786-9ca8da6a57a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11558 bytes)
Hash
2d9b5552f48cd494bc8d5049b4791014
b06c25558644cabc6e36cef496e80a12db1557b8
3b11a6372e74805fff1099a6c719969f2093c0484d3746ddfbcd6fa393566c91

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd649076-65ef-4252-b786-9ca8da6a57a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11558
x-amzn-requestid: 8f14eb4d-f23a-4b96-b690-4a4132fb9ab3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_gHG5oAMFSIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec9-06c2581d177b126b1ff419e1;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ek1xPUDd567z8bnk88r7AsL654AQ3yn2FjkVR9XqdZniAUyjL3a2hQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:53:10 GMT
age: 73057
etag: "b06c25558644cabc6e36cef496e80a12db1557b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511f1e1-8fc5-4048-a520-e65229a96e81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10664 bytes)
Hash
aa6deb90b0da01bce725870745a4b468
ae9c06fa4d60b48c9d9864422fa95ec2db8aa555
c2ce00a54a831ad47d01d3f660f38eafb7c2211a31e29c9c62922deb10edee71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511f1e1-8fc5-4048-a520-e65229a96e81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10664
x-amzn-requestid: 5a171fc8-0471-483f-afc5-61ea9c7a688b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_dGbsoAMFaFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec9-7557d4d24d530d093862fcd1;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: U7wTC0bBG8A338UwuBRUxDycwV1QQ36ECz1NF9b31rvtWNAOqr4wwA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:53:10 GMT
etag: "ae9c06fa4d60b48c9d9864422fa95ec2db8aa555"
content-type: image/jpeg
age: 73057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2702b0-2374-4a7d-87af-c09842669e5d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7678 bytes)
Hash
7f46eff01f1bbc5549a10539f87bdbec
ea3bad22405cf50b779acddb510b256dd29a3ab8
294cfd20d9965260125b37f379364ba6f4ad008a38084b293f8e8a785d2510ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2702b0-2374-4a7d-87af-c09842669e5d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7678
x-amzn-requestid: 25220fb8-8b01-4916-bd21-da9d4955a2f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_MHBEoAMFebw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2d-1f3968821902468e7aa71a4b;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: N_bIa74gORFHRCcWcqOUMTGfKyby7coLGYOQUsXuSgLCtlsoJg5Q3A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1f41b5f27f3ec2e93db2155dbc56900c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:19 GMT
age: 73768
etag: "ea3bad22405cf50b779acddb510b256dd29a3ab8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F270fed16-34b7-4928-b816-bcf1ffb2cf2f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10369 bytes)
Hash
cfd15f03193db8f6de68a3d73cea9c95
d8d3d4bd9bd2601bc487838ffd7318e4a90b5958
15fb1ecdf6261f61d6f997bf4309dacdc15677c71b46f7257f868cbaa8a8f8f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F270fed16-34b7-4928-b816-bcf1ffb2cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10369
x-amzn-requestid: 8ebe427e-b86a-46d9-853a-0d9ed575c97e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_EFZ6IAMFaWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec6-7c86564d64e0192b2cf4ab2d;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kU_v-O71wDO8dRTV2OURSr8_qnfhA6kL1RuZ7Tqg5yQi-IejJzbLhw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 22:11:26 GMT
age: 71961
etag: "d8d3d4bd9bd2601bc487838ffd7318e4a90b5958"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38c5365c-e953-4f7b-9671-8725bbef1913.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5730 bytes)
Hash
2ebfd75f1a70ab5e3778350233b7fd3b
ac3209fb137ca7109853c80d937c2a92d3c062c6
4aca1f2b4505b25c78ccf6176b951c90d14e6a7dd118c912befa626c8c4dfa38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38c5365c-e953-4f7b-9671-8725bbef1913.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5730
x-amzn-requestid: dedd80e2-b3cf-4f26-9080-e7731733c41c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_MFJ4IAMFo0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2d-472f7a32073a686734574add;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: KyE71dsl8UY18UIYcl-CI7cOVjDoCi7BouzqrjQuzNFbZDA2XFl68Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:53:21 GMT
etag: "ac3209fb137ca7109853c80d937c2a92d3c062c6"
content-type: image/jpeg
age: 73046
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.dcocsp.cn/

47.246.44.225

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
8be45d6eadd66b2c2f391e7fccc2129b
c2ab479b13c7896d87c9264add0674d028d8b3a1
a824cc23c348d7309a60c1897ab0821a2fc72644f2cf0db10b16dfde712f3a48

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 08 Mar 2023 18:06:58 GMT
Last-Modified: Wed, 08 Mar 2023 00:25:18 GMT
ETag: "6407d5ee-1d7"
Expires: Fri, 10 Mar 2023 00:25:18 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1678298818
Via: cache21.l2de2[0,0,304-0,H], cache25.l2de2[0,0], cache3.se1[0,0,200-0,H], cache3.se1[1,0]
Age: 229
X-Cache: HIT TCP_MEM_HIT dirn:1:169875499
X-Swift-SaveTime: Wed, 08 Mar 2023 18:07:05 GMT
X-Swift-CacheTime: 3593
Timing-Allow-Origin: *
EagleId: 2ff62c9716782990478191850e

www.made-in-china.com/faw-store.html

104.18.31.240

200 OK

29 kB

URL HTTP/2
www.made-in-china.com/faw-store.html
IP
104.18.31.240:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62054), with CRLF line terminators
Size
29 kB (28629 bytes)
Hash
b379c942df470c025c74d289a4ed1f34
bfd18b84cc9929c9185d9b1106eae66a7f4575c8
50f259df0d1aecee53ca74e24320c33e9c7f59a6fbcb11e1e23c4cc4cc59a22e

HTTP Headers

GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.tsg.com.vn/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:47 GMT
content-type: text/html
last-modified: Thu, 28 Oct 2021 09:16:24 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 36499
expires: Wed, 08 Mar 2023 22:10:47 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=xtiFrRvmNExAzbdpoGdyMFAhOOWQTsNESJIKDAj7QLM-1678299047-0-AfkYaduvGoq4BJR1W6NBX/CXKzA9LN7sMVZqe+4lymCanerQo0a//7yKxee6a7O7Q7zpqDSJ+1Y9w0aqDCsqS+8=; path=/; expires=Wed, 08-Mar-23 18:40:47 GMT; domain=.made-in-china.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a4d09791e4ab529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f963ad6104c08b0403759ec22008ace
7e2bf8de614c2b589093f5d90366d0b85ad989e4
a01488f649fa48674fc21cc847f180dbb70631c1338c8daf93b4e564fd868830

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144

142.250.74.168

200 OK

86 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (36974)
Size
86 kB (85950 bytes)
Hash
04ab4815fce789c1b11e950c0bca657d
8ce694c27d7565c726bf1aa8f7bf184c43341e15
e8a08a0b706808574acc7054d480ba8cd223d6ad9cbbf145bd82e6d7eafdede1

HTTP Headers

GET /gtm.js?id=GTM-T39J99&r=1634120031144 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Mar 2023 18:10:47 GMT
expires: Wed, 08 Mar 2023 18:10:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f963ad6104c08b0403759ec22008ace
7e2bf8de614c2b589093f5d90366d0b85ad989e4
a01488f649fa48674fc21cc847f180dbb70631c1338c8daf93b4e564fd868830

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144

104.18.21.229

200 OK

9.5 kB

URL HTTP/1.1
www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (42866)
Size
9.5 kB (9504 bytes)
Hash
4d6ce72ad9695254146290e6cedfa7b4
7111482b0f4386dcf9fef4cdbfe23deabcdc3094
5785808818423e9b15a9284c925cd8484e604709808d875a4dd1e1ea7bce4387

HTTP Headers

GET /common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/

HTTP/1.1 200 OK
Date: Wed, 08 Mar 2023 18:10:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 Nov 2021 07:38:32 GMT
ETag: W/"61975478-a860"
Expires: Sat, 05 Mar 2033 18:10:48 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Set-Cookie: __cf_bm=fhU0cIM5fwiVxKGAD3cMRxP8PpVp3U9vFjaewTMwJnA-1678299048-0-ASeELWpUIOIoA/OtEdofdC+FqfMSIdBCjx59guCdkkWXwger5wAjsPABGHAu+ZpUfuVvqskBTypUoIGdrebl/eg=; path=/; expires=Wed, 08-Mar-23 18:40:48 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4d097aae31b4fa-OSL

fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gr16m9cf399%22%2Clinkid%3A%221gr16m9cf399%22%2Curl%3A%22www.tsg.com.vn%252F%2540%2540%2540%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%221%22%2Cc%3A%22242%22%2Cd%3A%221%22%2Ce%3A%22256%22%2Cf%3A%221%22%2Cst%3A%22-1%22%2Cg%3A%221342%22%2Ch%3A%222177%22%2Ci%3A%221860%22%2Cj%3A%22-1%22%2Cl%3A%2222%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221361%22%2Cm%3A%220%22%2Ck%3A%222672%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D

104.18.25.206

204 No Content

0 B

URL HTTP/1.1
fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gr16m9cf399%22%2Clinkid%3A%221gr16m9cf399%22%2Curl%3A%22www.tsg.com.vn%252F%2540%2540%2540%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%221%22%2Cc%3A%22242%22%2Cd%3A%221%22%2Ce%3A%22256%22%2Cf%3A%221%22%2Cst%3A%22-1%22%2Cg%3A%221342%22%2Ch%3A%222177%22%2Ci%3A%221860%22%2Cj%3A%22-1%22%2Cl%3A%2222%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221361%22%2Cm%3A%220%22%2Ck%3A%222672%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gr16m9cf399%22%2Clinkid%3A%221gr16m9cf399%22%2Curl%3A%22www.tsg.com.vn%252F%2540%2540%2540%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%221%22%2Cc%3A%22242%22%2Cd%3A%221%22%2Ce%3A%22256%22%2Cf%3A%221%22%2Cst%3A%22-1%22%2Cg%3A%221342%22%2Ch%3A%222177%22%2Ci%3A%221860%22%2Cj%3A%22-1%22%2Cl%3A%2222%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221361%22%2Cm%3A%220%22%2Ck%3A%222672%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/

HTTP/1.1 204 No Content
Date: Wed, 08 Mar 2023 18:10:48 GMT
Connection: keep-alive
Timing-Allow-Origin: *, *
Origin-Agent-Cluster: ?0, ?0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a4d097a8ff0b4ed-OSL

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b6226f8474f583cf4df5f3542713463e
9073adfc25e047a98e3c77eb63baa0382ea25ae3
81a6eb4a2ba3f0d4e787164fb67561f815b0c1831c92c2b43c5f387aa21eaad8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4741
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Last-Modified: Wed, 08 Mar 2023 16:51:47 GMT
Server: ECAcc (ska/F7AF)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
85a531e4ef4dd61d28516a0667448af9
7dc463a21584d29e2ff5f6767ee5e9beb0caf56c
2599274c079469bb7efe1809d620a63c1b0dd844fda3b9584795aecaaf236131

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

216.58.211.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Mar 2023 16:12:30 GMT
expires: Wed, 08 Mar 2023 18:12:30 GMT
cache-control: public, max-age=7200
age: 7098
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

104.18.25.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJGZpcnN0X3Zpc2l0X3RpbWUiOiIyMDIzLTAzLTA4IDE4OjEwOjQ3Ljg4MyIsIiRmaXJzdF9yZWZlcnJlciI6IiIsIiRmaXJzdF9icm93c2VyX2xhbmd1YWdlIjoiZW4tVVMiLCIkZmlyc3RfYnJvd3Nlcl9jaGFyc2V0IjoiR0JLIiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLpj4jugYTlvYfpjZLmnb%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg2YzI2YjI3YzI1MC0wOWY3YjkwZDU3MWJkODgtYzUwNTQyNS0xMzEwNzIwLTE4NmMyNmIyN2MzMzVkIiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjM1Nzc3ODg0fQ%3D%3D&ext=crc%3D30991045
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJGZpcnN0X3Zpc2l0X3RpbWUiOiIyMDIzLTAzLTA4IDE4OjEwOjQ3Ljg4MyIsIiRmaXJzdF9yZWZlcnJlciI6IiIsIiRmaXJzdF9icm93c2VyX2xhbmd1YWdlIjoiZW4tVVMiLCIkZmlyc3RfYnJvd3Nlcl9jaGFyc2V0IjoiR0JLIiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLpj4jugYTlvYfpjZLmnb%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg2YzI2YjI3YzI1MC0wOWY3YjkwZDU3MWJkODgtYzUwNTQyNS0xMzEwNzIwLTE4NmMyNmIyN2MzMzVkIiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjM1Nzc3ODg0fQ%3D%3D&ext=crc%3D30991045 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Cookie: __cf_bm=vNTLDlHQ2YxVd03_BoUtGAwTQCNT0eneZJX0dHR.e8s-1678299046-0-AYr4UTXXB6N5VYCXU9m+bopVft5NcBwLClbl57AqPriNJK9rtfMQMIEL9ZiP3xwQNi0uM0yoS9VXih3Deit5BXw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:48 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a4d097aabe8b4eb-OSL
X-Firefox-Spdy: h2

bat.bing.com/bat.js

204.79.197.200

200 OK

12 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (40607), with no line terminators
Size
12 kB (11894 bytes)
Hash
04651bf0c51742f9007b1ae2b4486dee
6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd
5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11894
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED9883EB59AB46399FF37AEA865AD331 Ref B: OSL30EDGE0411 Ref C: 2023-03-08T18:10:48Z
date: Wed, 08 Mar 2023 18:10:48 GMT
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27907 bytes)
Hash
43d943c7499b27a8ef3972fa070f6756
59303c79335aa0a9f529c0f6166f99c3e650088c
96ab29f531694f1b8e5d2f031e16581fe1052636fb32c5cd96d55b824d6539b2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: sfAN4PPatdc6BP8zTqPYsYWWjZgJAU6vjfvrBG3/m2t65IDG5XTeRTVVfWz+Xjiod6uEV5g/jd4znAvMn6Uexw==
priority: u=3,i
content-length: 27907
x-fb-trip-id: 1904183273
date: Wed, 08 Mar 2023 18:10:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
44885f353f97b2b5b078bd0cb9b870ec
5ad40953fedf5952aa471ec53b75bed059dab9ef
9efa66f7c9fff4b46d4fb258a26758b71a861c21451ae55eeb09823f912d1468

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1678299048061&cv=11&fst=1678299048061&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=184139041.1678299048&rfmt=3&fmt=4

142.250.74.98

200 OK

1.2 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1678299048061&cv=11&fst=1678299048061&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=184139041.1678299048&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2598), with no line terminators
Size
1.2 kB (1244 bytes)
Hash
dccdeac99a6566225f9a23cdc1ee3c6e
06ea06fb772f50e42823672f5c20f2d8459000bd
cd0e6d2a081a8c14653db8bec89e2bbe5ea6216eec69936756f34e275d3a331e

HTTP Headers

GET /pagead/viewthroughconversion/731984560/?random=1678299048061&cv=11&fst=1678299048061&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=184139041.1678299048&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1244
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Mar-2023 18:25:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b6226f8474f583cf4df5f3542713463e
9073adfc25e047a98e3c77eb63baa0382ea25ae3
81a6eb4a2ba3f0d4e787164fb67561f815b0c1831c92c2b43c5f387aa21eaad8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4717
Cache-Control: max-age=132271
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Etag: "64081eea-1d7"
Expires: Fri, 10 Mar 2023 06:55:19 GMT
Last-Modified: Wed, 08 Mar 2023 05:36:42 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1877156171.1678299048&gtm=45je3360&aip=1&z=286421924

216.58.207.227

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1877156171.1678299048&gtm=45je3360&aip=1&z=286421924
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1877156171.1678299048&gtm=45je3360&aip=1&z=286421924 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
85a531e4ef4dd61d28516a0667448af9
7dc463a21584d29e2ff5f6767ee5e9beb0caf56c
2599274c079469bb7efe1809d620a63c1b0dd844fda3b9584795aecaaf236131

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f4b1d05923c4a89bb81dbb736b22864
c50c631807f9ad77adeb0a5213fe88c3ac759cc2
6b0144c74ac66866ac253833c768a2f797d75a0538c44b960727d432f46f4bc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdyMTZtOTN2OTNjIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwOi8vd3d3LnRzZy5jb20udm4vQEBALyIsIiR1cmxfcGF0aCI6Ii9AQEAvIiwiJHRpdGxlIjoiTWVzc2FnZXMgfCBNYWRlIGxuIENobG5hIiwiJGlzX2ZpcnN0X2RheSI6dHJ1ZSwiJGlzX2ZpcnN0X3RpbWUiOnRydWUsIiRyZWZlcnJlcl9ob3N0IjoiIiwiJGxhdGVzdF9yZWZlcnJlcl9ob3N0IjoiIn0sImFub255bW91c19pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjo3MDYxNjc4ODZ9&ext=crc%3D324505363

104.18.25.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdyMTZtOTN2OTNjIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwOi8vd3d3LnRzZy5jb20udm4vQEBALyIsIiR1cmxfcGF0aCI6Ii9AQEAvIiwiJHRpdGxlIjoiTWVzc2FnZXMgfCBNYWRlIGxuIENobG5hIiwiJGlzX2ZpcnN0X2RheSI6dHJ1ZSwiJGlzX2ZpcnN0X3RpbWUiOnRydWUsIiRyZWZlcnJlcl9ob3N0IjoiIiwiJGxhdGVzdF9yZWZlcnJlcl9ob3N0IjoiIn0sImFub255bW91c19pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjo3MDYxNjc4ODZ9&ext=crc%3D324505363
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdyMTZtOTN2OTNjIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwOi8vd3d3LnRzZy5jb20udm4vQEBALyIsIiR1cmxfcGF0aCI6Ii9AQEAvIiwiJHRpdGxlIjoiTWVzc2FnZXMgfCBNYWRlIGxuIENobG5hIiwiJGlzX2ZpcnN0X2RheSI6dHJ1ZSwiJGlzX2ZpcnN0X3RpbWUiOnRydWUsIiRyZWZlcnJlcl9ob3N0IjoiIiwiJGxhdGVzdF9yZWZlcnJlcl9ob3N0IjoiIn0sImFub255bW91c19pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjo3MDYxNjc4ODZ9&ext=crc%3D324505363 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Cookie: __cf_bm=vNTLDlHQ2YxVd03_BoUtGAwTQCNT0eneZJX0dHR.e8s-1678299046-0-AYr4UTXXB6N5VYCXU9m+bopVft5NcBwLClbl57AqPriNJK9rtfMQMIEL9ZiP3xwQNi0uM0yoS9VXih3Deit5BXw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:48 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a4d097bada0b4eb-OSL
X-Firefox-Spdy: h2

bat.bing.com/p/action/13001299.js

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/13001299.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/13001299.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0BC8019BE9A44C293B5909270D5BE8F Ref B: OSL30EDGE0411 Ref C: 2023-03-08T18:10:48Z
date: Wed, 08 Mar 2023 18:10:48 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7c0630ecdef38ec519b770dc32deb486
105287a0c11b44879b4cbc75c96852f3161f8ed7
8b35076687a58f4a6e3f83c543b209382fcec9204fa4563b3dbd23ed8efb4841

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/731984560/?random=1678299048061&cv=11&fst=1678298400000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=243359909&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/731984560/?random=1678299048061&cv=11&fst=1678298400000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=243359909&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/731984560/?random=1678299048061&cv=11&fst=1678298400000&bg=ffffff&guid=ON&async=1&gtm=45He3360&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=243359909&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=8b863624-8706-4355-ae8d-1fa199f37a32&sid=8da5eba0bddc11ed8af21f9b3b97d2eb&vid=8da5cc80bddc11edbdb609442bb1779f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&r=&lt=2674&evt=pageLoad&sv=1&rn=663198

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=8b863624-8706-4355-ae8d-1fa199f37a32&sid=8da5eba0bddc11ed8af21f9b3b97d2eb&vid=8da5cc80bddc11edbdb609442bb1779f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&r=&lt=2674&evt=pageLoad&sv=1&rn=663198
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=13001299&tm=gtm002&Ver=2&mid=8b863624-8706-4355-ae8d-1fa199f37a32&sid=8da5eba0bddc11ed8af21f9b3b97d2eb&vid=8da5cc80bddc11edbdb609442bb1779f&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&r=&lt=2674&evt=pageLoad&sv=1&rn=663198 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=35656F8CAA1668A600A87D42AB416938; domain=.bing.com; expires=Mon, 01-Apr-2024 18:10:48 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC7443A04FCC4B0D997B2E1BD0DC7F40 Ref B: OSL30EDGE0411 Ref C: 2023-03-08T18:10:48Z
date: Wed, 08 Mar 2023 18:10:48 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
67d83f0e5482150466664de83964e2ab
849e3f29ac9ea5689a51170f8bd9038b4ca29833
bf51a0eb35fa2a43f2981bf849f154a1f9e68ea0cbb00f9a578440e7024fae90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je3360&_p=1475317821&_gaz=1&cid=1877156171.1678299048&ul=en-us&sr=1280x1024&_eu=BA&_s=1&sid=1678299048&sct=1&seg=0&dl=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=www.tsg.com.vn&ep.page_URL=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je3360&_p=1475317821&_gaz=1&cid=1877156171.1678299048&ul=en-us&sr=1280x1024&_eu=BA&_s=1&sid=1678299048&sct=1&seg=0&dl=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=www.tsg.com.vn&ep.page_URL=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je3360&_p=1475317821&_gaz=1&cid=1877156171.1678299048&ul=en-us&sr=1280x1024&_eu=BA&_s=1&sid=1678299048&sct=1&seg=0&dl=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=www.tsg.com.vn&ep.page_URL=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tsg.com.vn
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.tsg.com.vn
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
67d83f0e5482150466664de83964e2ab
849e3f29ac9ea5689a51170f8bd9038b4ca29833
bf51a0eb35fa2a43f2981bf849f154a1f9e68ea0cbb00f9a578440e7024fae90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdyMTZtOTN2OTNjIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwOi8vd3d3LnRzZy5jb20udm4vQEBALyJ9LCJhbm9ueW1vdXNfaWQiOiIxODZjMjZiMjdjMjUwLTA5ZjdiOTBkNTcxYmQ4OC1jNTA1NDI1LTEzMTA3MjAtMTg2YzI2YjI3YzMzNWQiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6ImZvcm1BY3Rpb24iLCJfdHJhY2tfaWQiOjE1MjY1Nzg5NX0%3D&ext=crc%3D61550453

104.18.25.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdyMTZtOTN2OTNjIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwOi8vd3d3LnRzZy5jb20udm4vQEBALyJ9LCJhbm9ueW1vdXNfaWQiOiIxODZjMjZiMjdjMjUwLTA5ZjdiOTBkNTcxYmQ4OC1jNTA1NDI1LTEzMTA3MjAtMTg2YzI2YjI3YzMzNWQiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6ImZvcm1BY3Rpb24iLCJfdHJhY2tfaWQiOjE1MjY1Nzg5NX0%3D&ext=crc%3D61550453
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NmMyNmIyN2MyNTAtMDlmN2I5MGQ1NzFiZDg4LWM1MDU0MjUtMTMxMDcyMC0xODZjMjZiMjdjMzM1ZCIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdyMTZtOTN2OTNjIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwOi8vd3d3LnRzZy5jb20udm4vQEBALyJ9LCJhbm9ueW1vdXNfaWQiOiIxODZjMjZiMjdjMjUwLTA5ZjdiOTBkNTcxYmQ4OC1jNTA1NDI1LTEzMTA3MjAtMTg2YzI2YjI3YzMzNWQiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6ImZvcm1BY3Rpb24iLCJfdHJhY2tfaWQiOjE1MjY1Nzg5NX0%3D&ext=crc%3D61550453 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Cookie: __cf_bm=vNTLDlHQ2YxVd03_BoUtGAwTQCNT0eneZJX0dHR.e8s-1678299046-0-AYr4UTXXB6N5VYCXU9m+bopVft5NcBwLClbl57AqPriNJK9rtfMQMIEL9ZiP3xwQNi0uM0yoS9VXih3Deit5BXw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:48 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a4d097dd9c9b4eb-OSL
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37452587-1&cid=1877156171.1678299048&jid=1253217165&gjid=133964087&_gid=778350190.1678299049&_u=YADAAEAAAAAAACAAI~&z=117033515

209.85.233.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37452587-1&cid=1877156171.1678299048&jid=1253217165&gjid=133964087&_gid=778350190.1678299049&_u=YADAAEAAAAAAACAAI~&z=117033515
IP
209.85.233.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37452587-1&cid=1877156171.1678299048&jid=1253217165&gjid=133964087&_gid=778350190.1678299049&_u=YADAAEAAAAAAACAAI~&z=117033515 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.tsg.com.vn
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://www.tsg.com.vn
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=1877156171.1678299048&gtm=45je3360&aip=1

209.85.233.156

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=1877156171.1678299048&gtm=45je3360&aip=1
IP
209.85.233.156:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&cid=1877156171.1678299048&gtm=45je3360&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.tsg.com.vn
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://www.tsg.com.vn
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
48a52c71db1114ce9b04245952aa52f9
80e1ec87b27c6911244c5577a35f64218d31bf29
39d4a042f367608960ab073a15e8de080579f2393ff46d56b0e6adfc9309eb80

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37452587-1&cid=1877156171.1678299048&jid=1253217165&_u=YADAAEAAAAAAACAAI~&z=1485306127

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37452587-1&cid=1877156171.1678299048&jid=1253217165&_u=YADAAEAAAAAAACAAI~&z=1485306127
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37452587-1&cid=1877156171.1678299048&jid=1253217165&_u=YADAAEAAAAAAACAAI~&z=1485306127 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:10:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fcfb197416193e1858b23dfd4335919e
fd37cf1601c2f71696a2c2634eb204741af64fc8
6422d7dd8e0c6f5ca44a48000bcdfdb143592b818051d253909d29a363de4f2a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 18:10:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&rl=&if=false&ts=1678299049165&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1678299049164.233245999&it=1678299048566&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&rl=&if=false&ts=1678299049165&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1678299049164.233245999&it=1678299048566&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2037053586588160&ev=PageView&dl=http%3A%2F%2Fwww.tsg.com.vn%2F%40%40%40%2F&rl=&if=false&ts=1678299049165&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1678299049164.233245999&it=1678299048566&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Mar 2023 18:10:49 GMT
X-Firefox-Spdy: h2

fa.micstatic.com/probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gr16m9cf399%22%2Clinkid%3A%221gr16m9cf399%22%2Curl%3A%22www.tsg.com.vn%252F%2540%2540%2540%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%229036%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D

104.18.25.206

204 No Content

0 B

URL HTTP/1.1
fa.micstatic.com/probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gr16m9cf399%22%2Clinkid%3A%221gr16m9cf399%22%2Curl%3A%22www.tsg.com.vn%252F%2540%2540%2540%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%229036%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gr16m9cf399%22%2Clinkid%3A%221gr16m9cf399%22%2Curl%3A%22www.tsg.com.vn%252F%2540%2540%2540%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%229036%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.tsg.com.vn/

HTTP/1.1 204 No Content
Date: Wed, 08 Mar 2023 18:10:54 GMT
Connection: keep-alive
Timing-Allow-Origin: *, *
Origin-Agent-Cluster: ?0, ?0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a4d09a17eacb4ed-OSL

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

188.114.99.234

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
188.114.99.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 21342792
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a4d096c7b17b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

188.114.99.234

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
188.114.99.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.tsg.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Mar 2023 18:10:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 21342893
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a4d096c8b30b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML