r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3228
Expires: Sat, 12 Nov 2022 06:33:07 GMT
Date: Sat, 12 Nov 2022 05:39:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6112
Cache-Control: max-age=110040
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:19 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:13:19 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5464
Expires: Sat, 12 Nov 2022 07:10:23 GMT
Date: Sat, 12 Nov 2022 05:39:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 04:44:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3310
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /9VJk6JVPDLJJx28I/S8GrMKvedFKpbhmYcTNGKPtQzSEuVrp1DMmgpkbDaGdX33BnjKsnHvYnY=
x-amz-request-id: 26V1XC6SPZ3673WB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 04:50:06 GMT
age: 2953
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 05:39:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 05:24:59 GMT
cache-control: public,max-age=3600
age: 860
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4946
Cache-Control: max-age=103798
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:19 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:29:17 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
thongtacconghanoi.net/
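103.57.223.32 301 Moved Permanently 0 B IP 103.57.223.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of an empty body, since the redirect returned 0 B. They identify no content and are not usable as indicators for this host.)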
Analyzer Verdict Alert
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
expires: Sat, 12 Nov 2022 06:39:19 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://thongtacconghanoi.net/
content-length: 0
date: Sat, 12 Nov 2022 05:39:19 GMT
server: LiteSpeed
push.services.mozilla.com/
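52.35.167.249 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of an empty body, since the 101 response carried 0 B. They identify no content.)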
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WpcUbYqWEvBoyCJqniD6fA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g0zxdGdASW/IjMy4VslBd16mgcM=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d49d8456b2c8937f823430670abb4d7a
c8b1d1d1f69973ac8d9d083bb5f189da4bf9bbc1
e1edaa4f3b34cec967566b3e955ed538f308d851812a188d1637a09fbd7a146d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1EDAA4F3B34CEC967566B3E955ED538F308D851812A188D1637A09FBD7A146D"
Last-Modified: Fri, 11 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Sat, 12 Nov 2022 11:38:55 GMT
Date: Sat, 12 Nov 2022 05:39:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 05:39:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93d01c3c2422df3f7994d3496069dc37
96a4243e7f538fdd4e0aec4f39b058a08a4898e9
1fbc7efb3dfb058984abf1fbe60021212ff1bca8e366f03b1752c615e5249e55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7493
x-amzn-requestid: 077e815e-bbfc-472c-9d22-a9f0e7cda511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNDhGYvIAMFygQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec216-3a8a5a6f41b8ade53ff48dce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:50 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4OOiKELCGHOkACWtRl9DqyfkKqKzqa1FwNJKQ5aOq2Ivb6pDfPYLWw==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:55 GMT
age: 27506
etag: "96a4243e7f538fdd4e0aec4f39b058a08a4898e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 27504
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
age: 28449
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eac2ed4bece6282c8273a58a88371e2e
2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:21 GMT
age: 28440
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084ca839d34b15916cd2f5034440a1ef
7764777ce9a862c1590712ef33032df72edefffd
b8893d7f327f88316cb909ded7fd8f4e1809190a7da807677785bf953f6e33fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8482
x-amzn-requestid: 79e5e211-afc8-4531-b361-6f6f3386f16e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUGJsIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-5a0ba4a93eba91c81ba3a9bc;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CxrOwBRw0YlwOnKPJZI7h7YEwOAYS3ZtFa8q2o5rDvQct6pehCAFAg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:51:43 GMT
age: 28058
etag: "7764777ce9a862c1590712ef33032df72edefffd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c82c0c-226f-4611-8f71-7008a26329d4.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c82c0c-226f-4611-8f71-7008a26329d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d11673991a9fe0eb431fa7d7d60c8a4
a5b2808681a3a5c181ca4686b2bd004cce3f9374
3fa3569b07acad3ffb2e1655ad40aacd4c1dd2738596735def18723dca6256c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c82c0c-226f-4611-8f71-7008a26329d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7753
x-amzn-requestid: 94f6f121-05f6-4a30-a2f8-0c889c12cfb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNMGE_qIAMF1YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec24d-2c974fd346d2d5c83d04e4a3;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:44:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5JllMu67q1dI-gKl2lQ8-1OT38uEfvZsNpYyAo_R5a3Wz77qg6Xx1Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:15:22 GMT
etag: "a5b2808681a3a5c181ca4686b2bd004cce3f9374"
content-type: image/jpeg
age: 26639
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 05:39:22 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668231562.dop231.sk1.t,1668231562.cds264.sk1.hn,1668231562.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-119925054-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-119925054-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9d93911a6a54b46a6c2d0ecdfa9f2c8a
a5193af80fd7516776090b88b9d2442d1e045b8a
87f3a82ccf8dd2b4ea1b0c5cf396e0544d430f497cc67fd06b412d136a26d437
GET /gtag/js?id=UA-119925054-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 05:39:22 GMT
expires: Sat, 12 Nov 2022 05:39:22 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-124281278-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-124281278-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 6ce77475155f41e40871281361130c1d
5c69b58c1eceb065c62059fc4b10b037a3911231
9742147952505504191636ca78e5a014e60688c78d8bcdf98821a38272429f7f
GET /gtag/js?id=UA-124281278-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 05:39:22 GMT
expires: Sat, 12 Nov 2022 05:39:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-MRTT13P2KG
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-MRTT13P2KG
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash 37e36e8bfb35cb408bfa4f0cc436aaa6
b2629c3831c19d08528b7cc0f017ee432c5a2f24
cae66ba23c87e13ab2ac9d207825a15e80a44804b6fb1c9822845fb800b829e9
GET /gtag/js?id=G-MRTT13P2KG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 05:39:22 GMT
expires: Sat, 12 Nov 2022 05:39:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash a697ba6ff506574d260d30b1d0032857
9e7c488b26c81a8fc27585caa5e52040467062eb
39ca3171ed82f08e66d8268ef92b17d77622a53257355c6eb5ed85daaf3a9366
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 12 Nov 2022 05:39:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 11 Nov 2022 19:29:48 GMT
Expires: Sat, 12 Nov 2022 19:29:48 GMT
ETag: "9e7c488b26c81a8fc27585caa5e52040467062eb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash a697ba6ff506574d260d30b1d0032857
9e7c488b26c81a8fc27585caa5e52040467062eb
39ca3171ed82f08e66d8268ef92b17d77622a53257355c6eb5ed85daaf3a9366
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 12 Nov 2022 05:39:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 11 Nov 2022 19:29:48 GMT
Expires: Sat, 12 Nov 2022 19:29:48 GMT
ETag: "9e7c488b26c81a8fc27585caa5e52040467062eb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
images.dmca.com/Badges/_dmca_premi_badge_2.png?ID=1b79a3d7-f23d-4256-898a-e201a951ab6d
151.139.242.29 200 OK 13 kB URL HTTP/2 images.dmca.com/Badges/_dmca_premi_badge_2.png?ID=1b79a3d7-f23d-4256-898a-e201a951ab6d
IP 151.139.242.29:0
File type PNG image data, 93 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 6dccb57eee8c2aa75056c0065ebbe16a
af6556643395773c8859f35bae0c68969c836859
f58b4cb82acb74917de696ea68a5bd74155a1afbd735da15f0bcb58a1f290bd4
GET /Badges/_dmca_premi_badge_2.png?ID=1b79a3d7-f23d-4256-898a-e201a951ab6d HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 05:39:22 GMT
content-type: image/png
content-length: 12609
cache-control: max-age=2592000
etag: "7596c6af8920cc1:0"
last-modified: Wed, 01 Jun 2011 18:28:21 GMT
x-powered-by: ASP.NET
expires: Mon, 12 Dec 2022 05:39:22 GMT
access-control-allow-origin: *
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_2.png>; rel="canonical"
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
images.dmca.com/Badges/DMCABadgeHelper.min.js
151.139.242.29 200 OK 280 B URL HTTP/2 images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 151.139.242.29:0
Hash 676eb336bf17b6d9ba8106a096fdd587
22d3b0769cd5aa177e723be2456b32509914fa7d
9e9dc74a53c9a60256b8d4db5b26d02599cea75d3d00e02f16bef59169477a69
GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 05:39:22 GMT
content-type: application/javascript
content-length: 280
cache-control: max-age=2592000
etag: "26b181f16d28d51:0"
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
x-powered-by: ASP.NET
expires: Mon, 12 Dec 2022 05:38:56 GMT
access-control-allow-origin: *
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-encoding: gzip
vary: Accept-Encoding
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/css/bootstrap.min.css?ver=5.9.5
103.57.223.32 200 OK 21 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/css/bootstrap.min.css?ver=5.9.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash 5e7789c1cad619b0886e7037e9704249
acc1f56baa02a7e3067bbecefe1d22bfda90a047
e2fb1615a47aa353732db8a6b4673ebc47c19df570156a44edda0671bf7b6415
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/theme/lib/css/bootstrap.min.css?ver=5.9.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 06:30:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20951
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/mobile-menu/css/mobile-menu.css?ver=5.9.5
103.57.223.32 200 OK 3.3 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/mobile-menu/css/mobile-menu.css?ver=5.9.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (6881)
Hash 9fbd8f0120d7d2f4bcd21ad3ec487fc6
f1561aaad6b4347d0aa50eaacd4941ff7751a231
1ffc8b8e2e958482cf54c075a4734f43653d68270a2746b5e6553a86ae21a0d4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/mobile-menu/css/mobile-menu.css?ver=5.9.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Mon, 16 May 2022 09:25:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3342
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/css/iconfonts/icofont.min.css?ver=5.9.5
103.57.223.32 200 OK 15 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/css/iconfonts/icofont.min.css?ver=5.9.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (65364)
Hash 766e938a4779c3d22e4a046175c183ed
34f27cab222479e9b92f5911e61fdd52a2ec53e0
e44bae513d7526e232c590db9274ac3dac5c3ad227c598fc69902258588ed951
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/css/iconfonts/icofont.min.css?ver=5.9.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Wed, 08 Aug 2018 23:59:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15398
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
103.57.223.32 200 OK 10 kB URL HTTP/2 thongtacconghanoi.net/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (39791)
Hash 3cc7696f4c8caa2b1c7acab0c2ae1515
2df12fe5d820c9c8129c9276e2bb94f9df860331
5ec052aed0f32fed1fc31c9be24e1cd03a7bcdede8ae098af3d1997fdfb51a6a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10549
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
103.57.223.32 200 OK 378 B URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
IP 103.57.223.32:0
File type ASCII text, with very long lines (1156), with no line terminators
Hash a6928aa91112567cad0fa3dc87d869ee
17ea9c46787e2f18e191fd958b2e66516cbd9b02
cd486376d94277581bada0a4dbdfe75d2a4607283645a522dc346edd36838dde
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Mon, 08 Nov 2021 09:43:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 378
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/wpfomo/public/css/wpfomo-public.css?ver=1.1.0
103.57.223.32 200 OK 379 B URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/wpfomo/public/css/wpfomo-public.css?ver=1.1.0
IP 103.57.223.32:0
Hash 71ad7e024a83e1df4216377c90fe1092
a123ade63db0df59c85762d925708bd81b4c7aab
5d5dac052cc1c4e1d4aea6d31a72da64409283a802ec3c481f9cbfe1e3c08de5
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/wpfomo/public/css/wpfomo-public.css?ver=1.1.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 04:46:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 379
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
103.57.223.32 200 OK 2.0 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP 103.57.223.32:0
File type ASCII text, with very long lines (5092), with no line terminators
Hash f13e1637411c99de7b2ffd9f9a0d4556
f7b837efa8147941b89a06978a3a918c1feb90a2
19891fc9eeecce9fef6583a72ccb9f3bc2d213a67b9bc4ae481b69d2e4206ec3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Mon, 08 Nov 2021 09:43:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2016
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/style.css?ver=5.9.5
103.57.223.32 200 OK 9.5 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/style.css?ver=5.9.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (1958)
Hash 23270c428dbc28582e574233598df2bd
b1141ed1add2af6651be32c2dea4eb7721b01005
8316ee19ab27711e61b65989c201199df8adfadec4ecb69d035d38773c7a9cea
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/style.css?ver=5.9.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Mon, 03 Oct 2022 01:53:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9517
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
103.57.223.32 200 OK 7.2 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
IP 103.57.223.32:0
Hash 9198b69f1c797995b1422abd2d25bf80
f1d3d7fc52cca7231546f0b562537e37f7b15085
983f7ee1b8f86bc7b222dac26ec8af7b397b76a777b8a3786b34393a5cd5c0e3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Tue, 10 May 2022 00:51:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7160
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/master-slider/custom.css?ver=6.3
103.57.223.32 200 OK 144 B URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/master-slider/custom.css?ver=6.3
IP 103.57.223.32:0
Hash 732bccefa1c9b0ccd16e7e991d35d128
708f3840b4add97d705a3ce83da1c5d3a4fc9540
b2aea770125c21d16011f94b8bb287977ced8f6be3628b4d12233424c0cd1969
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/master-slider/custom.css?ver=6.3 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Tue, 10 May 2022 02:31:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
103.57.223.32 200 OK 8.3 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (36350)
Hash 88dc514ce5cd82e6c478a7073b250561
fb14d7b59935d8171be13d2479b44986e85ba815
611a89c1a6ca603f6301defa4e973195a504d979c98647d26856cbfddd11adc9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Mon, 03 Oct 2022 01:48:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8260
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.2
103.57.223.32 200 OK 7.3 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.2
IP 103.57.223.32:0
File type ASCII text, with very long lines (45570), with no line terminators
Hash 6547a86b4e1cb18cae1634e327079284
0c355e0cf7431a8f7e0e508422511b5c96850929
c35482127e01f5d2962e302a38556800cf8494c6f09819fef1f5ae85b7b2cec4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.2 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: text/css
last-modified: Mon, 03 Oct 2022 01:48:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7347
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thongtacconghanoi.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.57.223.32 200 OK 30 kB URL HTTP/2 thongtacconghanoi.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.57.223.32:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.57.223.32 200 OK 4.0 kB URL HTTP/2 thongtacconghanoi.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.57.223.32:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/image-watermark/js/no-right-click.js?ver=1.7.2
103.57.223.32 200 OK 1.3 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/image-watermark/js/no-right-click.js?ver=1.7.2
IP 103.57.223.32:0
Hash 7681cfafedd160df088e710ca93ff587
3b5162e079e336c5cf136c2b7606db383d414509
2be982e13903fbfe9773bffff97f0118d16ea90631f67f5cadba5eafc10aecfa
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/image-watermark/js/no-right-click.js?ver=1.7.2 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 01:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1286
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/wpfomo/public/js/wpfomo-public.js?ver=1.1.0
103.57.223.32 200 OK 365 B URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/wpfomo/public/js/wpfomo-public.js?ver=1.1.0
IP 103.57.223.32:0
Hash 773e96e518474b3303fe09347994723e
420bf05cc02cdc72aa7037ad872e70bf3feac5ba
c01411369a8a3c8f16c266eecca543051087b98bd7c73900d5e67be9384e7846
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wpfomo/public/js/wpfomo-public.js?ver=1.1.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Sun, 27 Jun 2021 03:34:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 365
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/js/bootstrap.min.js?ver=4.3.1
103.57.223.32 200 OK 15 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/js/bootstrap.min.js?ver=4.3.1
IP 103.57.223.32:0
File type ASCII text, with very long lines (57791), with CRLF line terminators
Hash b0e70d19c5ba99c5f2207566eb48759b
2cd50f1d3cfacdd030587204ba454f7ba4b8df68
5d4da837a6e87796382efab2be0891664ce7d2860d7a49abecd4f85c0c5bb190
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/js/bootstrap.min.js?ver=4.3.1 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Thu, 21 Feb 2019 10:21:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14769
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/js/popper.min.js?ver=1.0
103.57.223.32 200 OK 7.2 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/js/popper.min.js?ver=1.0
IP 103.57.223.32:0
File type ASCII text, with very long lines (20831), with CRLF line terminators
Hash 750b3a38f018a51e529004fd8d988665
d7e8afa88ea2b42d752cf5109c77efecc32f35c1
3051bcbacd6450495217d9743b65d005cc59f480cc545fa7f24069a158a3022f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/js/popper.min.js?ver=1.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Thu, 21 Feb 2019 10:21:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7181
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/js/main.js?ver=1.0
103.57.223.32 200 OK 787 B URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/js/main.js?ver=1.0
IP 103.57.223.32:0
File type ASCII text, with CRLF line terminators
Hash 1bb802c9550b64ad03ee36178dc30da5
7aad2ff2f77e70111b9d7487accdb8fc6df8673f
316e49debc58125f2604435b5593b74df362bbb560952b25abfbd28df0829f97
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/js/main.js?ver=1.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Mon, 25 May 2020 02:11:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 787
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/mobile-menu/js/mobile-menu.js?ver=1.0.0
103.57.223.32 200 OK 3.0 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/mobile-menu/js/mobile-menu.js?ver=1.0.0
IP 103.57.223.32:0
File type exported SGML document, ASCII text, with very long lines (415)
Hash cac7d800a6e70a1fa16a3a0807aa6012
076aa61a2b33c1305f5753bb45abc431fc0bc1f0
df7a7c4cbece5866fc2ed07b354c779a9e96a109bdce201a18023b4cbf9ffdc2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/mobile-menu/js/mobile-menu.js?ver=1.0.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Fri, 03 Jul 2020 09:01:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3010
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
103.57.223.32 200 OK 2.2 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
IP 103.57.223.32:0
File type ASCII text, with very long lines (6091), with no line terminators
Hash bc966353388572531142d078254a46dd
d813127829e81e4d1b42d7943c5f44887cf03d8e
377527657e160de1456dff3e050ba75f2bf0648fb1a479d5e831441f84b9e606
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Mon, 08 Nov 2021 09:43:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2181
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/js/jquery.easing.min.js?ver=3.8.1
1.8 kB URL thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/js/jquery.easing.min.js?ver=3.8.1
IP :0
Hash bce9195826439242cc982b18bcfe3345
a6bcb7a70b83509f62b20b14efa00e53ef546ef1
9ec5ea3450a8333349126d29ad3ab4529bffb16d7aff60b41076273e7ba0fd69
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/master-slider/public/assets/js/jquery.easing.min.js?ver=3.8.1 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.12.2
103.57.223.32 200 OK 3.4 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.12.2
IP 103.57.223.32:0
File type ASCII text, with very long lines (12160)
Hash c6ec95291a80b324ae49a478beeebec3
032482ec13e9c01d66e7b9aca88ddbc9058e2e59
bdab74ea94870d45876981f3d12237d8f8ebf49e2a76e9c32cdf4b184400ec9f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.12.2 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 01:48:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3416
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
103.57.223.32 200 OK 4.5 kB URL HTTP/2 thongtacconghanoi.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
IP 103.57.223.32:0
File type ASCII text, with very long lines (15224)
Hash 3c05cdbb96f694e86b05c7a3e5c6703f
615a7094f3210830bd5e6f08f845c101be2eefeb
371bb131cc739b177f4c90f67535f020d0bbee092e2ff1bad6ac38e978da3092
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4539
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/blank.gif
103.57.223.32 200 OK 43 B URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/blank.gif
IP 103.57.223.32:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/master-slider/public/assets/css/blank.gif HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: image/gif
last-modified: Tue, 10 May 2022 00:51:25 GMT
accept-ranges: bytes
content-length: 43
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/images/icon-phone2.png
103.57.223.32 200 OK 550 B URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/images/icon-phone2.png
IP 103.57.223.32:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash bfd8f4fc056b116e73b735b371ba1e8a
c990cecc0e398362afd41eb6857bd8543132387b
6d01e642a97926a7628547cdcca85b6ab597dd514054358593de1ce3490bdad3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/theme/lib/images/icon-phone2.png HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: image/png
last-modified: Wed, 04 Sep 2019 07:11:30 GMT
accept-ranges: bytes
content-length: 550
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/mobile-menu/js/site.min.js?ver=1.0.0
103.57.223.32 200 OK 19 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/mobile-menu/js/site.min.js?ver=1.0.0
IP 103.57.223.32:0
File type ASCII text, with very long lines (31998)
Hash 40aa332ae59c7b9330939fe56e448a5a
be3ea69d22ca51df48f677abd5a66f01ad86c923
7682162daf306b156e2ac791b4daa0fc12ee7a67d8f042e95c1511163f011483
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/mobile-menu/js/site.min.js?ver=1.0.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Fri, 03 Jul 2020 09:01:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18663
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/js/masterslider.min.js?ver=3.8.1
103.57.223.32 200 OK 21 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/js/masterslider.min.js?ver=3.8.1
IP 103.57.223.32:0
File type Unicode text, UTF-8 text, with very long lines (32167)
Hash 81312deab11ca8545f4ed7ab6fce2ec8
76c9204366c48f7962c70596d578f42cd0dc33ec
134bb624634ccc593545597a5d044869379986f24d586907bcaa2f3ae736e17d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/master-slider/public/assets/js/masterslider.min.js?ver=3.8.1 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: application/javascript
last-modified: Tue, 10 May 2022 00:51:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21034
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2018/05/1thong-tac-cong-ha-noi-top-banner-min.jpg
103.57.223.32 200 OK 90 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2018/05/1thong-tac-cong-ha-noi-top-banner-min.jpg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1600x391, components 3\012- data
Hash b9ac1ee94fe4f953a9401864ea8b2238
8d32166ae2437bf8f1b7db8ca4636e23e6fce08c
db78fd62e010c19f32add44b3ada486313ddc43d223cd9b414346c359ecd48c4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/05/1thong-tac-cong-ha-noi-top-banner-min.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: image/jpeg
last-modified: Mon, 05 Nov 2018 10:09:27 GMT
accept-ranges: bytes
content-length: 90546
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2019/03/cac-loai-xe-hut-be-phot-tu-1-khoi-10-khoi-tai-hung-thinh.jpg
103.57.223.32 200 OK 162 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2019/03/cac-loai-xe-hut-be-phot-tu-1-khoi-10-khoi-tai-hung-thinh.jpg
IP 103.57.223.32:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=487, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=950], baseline, precision 8, 950x487, components 3\012- data
Size 162 kB (162237 bytes)
Hash a6a4bcbaa46f6c2d90d8f22ef934f940
36c434e2d2a3a7c8d5ed08ff38cd565b3033ad5c
4a4990aaf7c30750a87738d79c1030e4522be21cac971deb20b8720edc5c7d65
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/03/cac-loai-xe-hut-be-phot-tu-1-khoi-10-khoi-tai-hung-thinh.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:22 GMT
content-type: image/jpeg
last-modified: Thu, 14 Mar 2019 04:14:16 GMT
accept-ranges: bytes
content-length: 162237
date: Sat, 12 Nov 2022 05:39:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:35:48 GMT
expires: Thu, 09 Nov 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 209015
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 228711
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:48:10 GMT
expires: Thu, 09 Nov 2023 18:48:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
age: 211873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 211534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Hash deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:50:35 GMT
expires: Thu, 09 Nov 2023 19:50:35 GMT
cache-control: public, max-age=31536000
age: 208128
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 209115
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.195 200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:36:26 GMT
expires: Thu, 09 Nov 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 208977
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/lf1H2fSca4M
142.250.74.46 200 OK 33 kB URL HTTP/2 www.youtube.com/embed/lf1H2fSca4M
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58566)
Hash 13debd1b17aad948268e1028742bf279
24b587ac450ab3a82f3e3b85c9437fdb6914dbf3
ee13ac5fe00fe5187ad8d9fccec28dea05b45991a7f6e0791b5101c053af7e34
GET /embed/lf1H2fSca4M HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=F86hcK7Cdpw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=VftIjWJMwvU; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+453; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/-rsu8ncX8m4
142.250.74.46 200 OK 33 kB URL HTTP/2 www.youtube.com/embed/-rsu8ncX8m4
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58554)
Hash c848cfbcee04f8230820623afa512400
540928641c90ff1a1bbfdf1878ddd647991619ca
f7614443384ec5290b813d3c046b6e02c9992b0a8700b8fb030044a5dacead26
GET /embed/-rsu8ncX8m4 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=bNx3Roj41tA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=2mLhlt8mbq4; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+426; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 580045
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 114787
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/dkZsrSkJSPM
142.250.74.46 200 OK 30 kB URL HTTP/2 www.youtube.com/embed/dkZsrSkJSPM
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58554)
Hash fe6c9242cb0338cbf6b23e665ab48f33
8ab93955505902acda24e66d31ca4d3165637d07
39ba1edfe15402d07493d3f4d2f86f49d9a60073fa26285023f55dcf7b111e6b
GET /embed/dkZsrSkJSPM HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=P-7Ydjnctfw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=cIZXk3Qb_VQ; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+186; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/images/menu-vp.png
103.57.223.32 200 OK 251 B URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/images/menu-vp.png
IP 103.57.223.32:0
File type PNG image data, 1048 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash c26b0feba50d5d79904d505e27498f4b
cefe7101e01ea0a4cd93e79a54597f2d708a278c
3be0971ad024411fe46cc0686a13abce8e1dd0e3e8c323912e9b74ac43408be1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/theme/lib/images/menu-vp.png HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/wp-content/themes/theme/style.css?ver=5.9.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/png
last-modified: Sun, 15 May 2022 05:57:27 GMT
accept-ranges: bytes
content-length: 251
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/images/search_mobile.png
103.57.223.32 200 OK 1.7 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/images/search_mobile.png
IP 103.57.223.32:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 687c15352a8aac92941575f6bce0cb7c
1fc799bb12a0381c4ea913d4a03842ce783ae6b8
e5c10f3e82edfaefec64845d00a41a80f3dfa58367e68c2873351463deeae141
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/theme/lib/images/search_mobile.png HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/wp-content/themes/theme/style.css?ver=5.9.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/png
last-modified: Sun, 15 May 2022 06:23:50 GMT
accept-ranges: bytes
content-length: 1711
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/images/icon-zalo.png
103.57.223.32 200 OK 2.6 kB URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/images/icon-zalo.png
IP 103.57.223.32:0
File type PNG image data, 65 x 65, 8-bit colormap, non-interlaced\012- data
Hash 9e70e734cd6d07a5d843f62e515d5172
82248b37fcfe80dcba72240a855da58027caed7d
13e28340081ed7ca45fa54d8f21bfb7892292f72eaff692c8a429a384306e4c4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/theme/lib/images/icon-zalo.png HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/wp-content/themes/theme/style.css?ver=5.9.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/png
last-modified: Wed, 04 Sep 2019 07:11:32 GMT
accept-ranges: bytes
content-length: 2605
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
103.57.223.32 200 OK 110 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
IP 103.57.223.32:0
File type Web Open Font Format (Version 2), TrueType, length 109916, version 1.0\012- data
Size 110 kB (109916 bytes)
Hash 12ee76445f0383c58529169d700b6650
7f7208e7b28e0862b82e05c8d1715540e22c111d
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://thongtacconghanoi.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: font/woff2
last-modified: Mon, 03 Oct 2022 01:48:28 GMT
accept-ranges: bytes
content-length: 109916
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2018/04/tai-sao-nen-su-dung-bun-vi-sinh-1-150x150.jpeg
103.57.223.32 200 OK 8.6 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2018/04/tai-sao-nen-su-dung-bun-vi-sinh-1-150x150.jpeg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 150x150, components 3\012- data
Hash dd1b7782d61971d77c569b4c63cdf436
ba304a66d7a431c637c4ad1a36530f52bbd180b3
39d44da454bb1a423f83a2a172ec8c5dbe401ffa58f2e453efb2be8441fb85ef
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/uploads/2018/04/tai-sao-nen-su-dung-bun-vi-sinh-1-150x150.jpeg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/jpeg
last-modified: Tue, 14 Jun 2022 08:08:37 GMT
accept-ranges: bytes
content-length: 8565
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2020/06/tho-thong-hut-be-phot-kinh-nghiem-150x150.jpg
103.57.223.32 200 OK 9.1 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2020/06/tho-thong-hut-be-phot-kinh-nghiem-150x150.jpg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 95bd2c140407b3960cc758d272ec697b
57b7c6202bea735d1451cd335ff78cde42da1bbc
296f9e241ea371599f0be2ed8913015243fee9237f6eb345333a2e62c7010b82
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/06/tho-thong-hut-be-phot-kinh-nghiem-150x150.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/jpeg
last-modified: Fri, 26 Jun 2020 08:58:38 GMT
accept-ranges: bytes
content-length: 9112
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2018/06/h%C3%BAt-b%E1%BB%83-ph%E1%BB%91t-t%E1%BA%A1i-%C4%90%C3%B4ng-Anh-1-150x150.jpg
103.57.223.32 200 OK 7.5 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2018/06/h%C3%BAt-b%E1%BB%83-ph%E1%BB%91t-t%E1%BA%A1i-%C4%90%C3%B4ng-Anh-1-150x150.jpg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 9367b2b98aab871dd55fc3d4092f5e96
62ca85391b8d160f4b21490ad9c3b855a63fa777
f516c1eccbd85b626fa917b03fe1ac6c8eeef490976a4977a6dbf77cec080388
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/06/h%C3%BAt-b%E1%BB%83-ph%E1%BB%91t-t%E1%BA%A1i-%C4%90%C3%B4ng-Anh-1-150x150.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/jpeg
last-modified: Mon, 05 Nov 2018 10:23:38 GMT
accept-ranges: bytes
content-length: 7460
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2019/07/nguyen-ly-hoat-dong-be-anoxic-150x150.jpg
103.57.223.32 200 OK 6.1 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2019/07/nguyen-ly-hoat-dong-be-anoxic-150x150.jpg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash a5595ac8c664a059ba2ff33e2d6bf6e8
e014d9685a04c9c093f32888217a179d325b4239
8212e3d6b9530ead33d3923e9e29429391de523daa74865eec36fe3767747d48
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/07/nguyen-ly-hoat-dong-be-anoxic-150x150.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/jpeg
last-modified: Fri, 11 Oct 2019 03:41:44 GMT
accept-ranges: bytes
content-length: 6071
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2021/12/ve-sinh-may-lanh-tai-nha-1-150x150.png
103.57.223.32 200 OK 49 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2021/12/ve-sinh-may-lanh-tai-nha-1-150x150.png
IP 103.57.223.32:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, interlaced\012- data
Hash f64ef5f0d0c8b91ec87bfd9c12f0b665
25caa8f1e767d11a91d2d836cd991d58d3da60fa
c20b1b88922bb0c6027f45552cfd6d770713258c72ae0d433ce2c64b36d5df46
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/12/ve-sinh-may-lanh-tai-nha-1-150x150.png HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/png
last-modified: Thu, 02 Dec 2021 16:59:29 GMT
accept-ranges: bytes
content-length: 49327
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2018/05/thong_tac_cong_tai_hoang_mai_13-1-1.jpg
103.57.223.32 200 OK 19 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2018/05/thong_tac_cong_tai_hoang_mai_13-1-1.jpg
IP 103.57.223.32:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x336, components 3\012- data
Hash 809311f4908ae225b9f4f34e0351a4ac
adb4db9644770a604314883d0187553202651b52
71146fb6f77de340e8f87645f99a15f409a57f19d5ef677098c64be73d4c8b14
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/05/thong_tac_cong_tai_hoang_mai_13-1-1.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/jpeg
last-modified: Mon, 05 Nov 2018 10:18:15 GMT
accept-ranges: bytes
content-length: 19145
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2018/05/8115f50f_4dbd_4625_a09e_075fd79cbf3f-1-1.jpg
103.57.223.32 200 OK 25 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2018/05/8115f50f_4dbd_4625_a09e_075fd79cbf3f-1-1.jpg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 473x479, components 3\012- data
Hash cd91938079f9af04b929eff68ebf4295
363767292f132c5363ac163212d4fdd427353af3
a33e11698b3f109b86c11d1af6782cc4b4e50a0fadf288037558ec930c6da395
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/05/8115f50f_4dbd_4625_a09e_075fd79cbf3f-1-1.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: image/jpeg
last-modified: Mon, 05 Nov 2018 10:09:48 GMT
accept-ranges: bytes
content-length: 25044
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/themes/theme/lib/webfonts/iconfonts/icofont.woff2
103.57.223.32 200 OK 1 B URL HTTP/2 thongtacconghanoi.net/wp-content/themes/theme/lib/webfonts/iconfonts/icofont.woff2
IP 103.57.223.32:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-content/themes/theme/lib/webfonts/iconfonts/icofont.woff2 HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://thongtacconghanoi.net/wp-content/themes/theme/style.css?ver=5.9.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 19 Nov 2022 05:39:23 GMT
content-type: font/woff2
last-modified: Wed, 08 Aug 2018 23:59:22 GMT
accept-ranges: bytes
content-length: 537868
date: Sat, 12 Nov 2022 05:39:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 05:29:05 GMT
expires: Sat, 12 Nov 2022 05:44:05 GMT
cache-control: public, max-age=900
age: 620
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 12 Nov 2022 05:39:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.130302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 12 Nov 2022 05:39:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 12 Nov 2022 05:39:25 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 00330c31ef9cf2ca4fa8a5ec5189b7fe
bd99673169ba3503c6ed4be55b9a30a58e6280e6
cc066b9be4d7aa2a01d5299b78eed1177e4567cbd00f48a53342fd32e7226df3
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 05:39:25 GMT
server: ESF
cache-control: private
content-length: 30913
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 06:09:06 GMT
expires: Thu, 09 Nov 2023 06:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 257419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e46444dffd461c8b9dff230925c5ad9e
a64464d4819393511522e60422c4d0980b2fc9d0
49ce6e4993f47bbb20b98a0e9232f31589add1574385f1c94ba0b03987197574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35997)
Hash 0d39fb7048438d673bf4164bb65fbbcc
8be882770bc26b2ed49ef59322b82fe23cd8c6c2
edc6ea4d9294c971c4541d7b04425c364c75cd5a94b7a68203a63ac96b13ddf4
GET /js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14246
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 16:22:42 GMT
expires: Tue, 07 Nov 2023 16:22:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 393403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 95206ba989532dc3d3154bdc3543da2a
1536ee0491effafdfd5f1474fb029dbf5c103899
7eecbc64ec1f24c4e3e7aa1e7b214fa34f830a738d98cfecc06b3cf226f012ca
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 05:39:25 GMT
server: ESF
cache-control: private
content-length: 31085
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/LdLvTTsremU/default.webp
216.58.207.214200 OK 1.9 kB URL HTTP/2 i.ytimg.com/vi_webp/LdLvTTsremU/default.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bd2fb8951bc043c481678cce31861332
166724f7f639cd9bf0bf88b70b518fe53a0af8ca
581cf308ecb9896a22d3ef9e6cbe065379bd21181b64d3672f114a8eeacd2e75
GET /vi_webp/LdLvTTsremU/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 1928
date: Sat, 12 Nov 2022 05:39:25 GMT
expires: Sat, 12 Nov 2022 07:39:25 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/t5g1o7SB2iI/default.webp
216.58.207.214200 OK 1.8 kB URL HTTP/2 i.ytimg.com/vi_webp/t5g1o7SB2iI/default.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eaececd92f310879df305eada64ba26e
d37d8fd7547a7c3efd27b711b3a8fe5933bfb1e3
240619c257ec41659fbfa6312472a4ebad4ae0179eced95637b63f8da93dce29
GET /vi_webp/t5g1o7SB2iI/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 1760
date: Sat, 12 Nov 2022 05:39:25 GMT
expires: Sat, 12 Nov 2022 07:39:25 GMT
cache-control: public, max-age=7200
etag: "1527739111"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e46444dffd461c8b9dff230925c5ad9e
a64464d4819393511522e60422c4d0980b2fc9d0
49ce6e4993f47bbb20b98a0e9232f31589add1574385f1c94ba0b03987197574
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8Doc_DkjS7mxaTdA5MLBaZtpF16hMkiJz3l9DS=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.6 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8Doc_DkjS7mxaTdA5MLBaZtpF16hMkiJz3l9DS=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 46b520d5e5eacd5c50a4681aa781ddbe
516383a918d335b49c13fd8e895e0a9d5a10b8a3
d8be4bcea8566283386127f4878dc614b240579a27335f632a10e63ddd32b97e
GET /ytc/AMLnZu8Doc_DkjS7mxaTdA5MLBaZtpF16hMkiJz3l9DS=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v41"
expires: Sun, 13 Nov 2022 05:39:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 12 Nov 2022 05:39:25 GMT
server: fife
content-length: 2566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 05:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/t5g1o7SB2iI
142.250.74.46200 OK 28 kB URL HTTP/2 www.youtube.com/embed/t5g1o7SB2iI
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58550)
Hash 33a3824f17e74b43e4290590cb1c9a1a
2c8640b979d8362eb1297c14e3509bad7978af0b
80676d56f93bf6c1545364c818e2d39779ed05780882ff4caa0ef4a1a10e9e81
GET /embed/t5g1o7SB2iI HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8n3T0eawpNY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ea1KyGg3FC0; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+282; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-MRTT13P2KG&gtm=2oeb90&_p=1810675505&cid=1229612267.1668231564&ul=en-us&sr=1280x1024&_s=1&sid=1668231566&sct=1&seg=0&dl=https%3A%2F%2Fthongtacconghanoi.net%2F&dt=C%C3%B4ng%20ty%20d%E1%BB%8Bch%20v%E1%BB%A5%20h%C3%BAt%20b%E1%BB%83%20ph%E1%BB%91t%20gi%C3%A1%20r%E1%BA%BB%20Uy%20T%C3%ADn%20t%E1%BA%A1i%20H%C3%A0%20N%E1%BB%99i&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MRTT13P2KG&gtm=2oeb90&_p=1810675505&cid=1229612267.1668231564&ul=en-us&sr=1280x1024&_s=1&sid=1668231566&sct=1&seg=0&dl=https%3A%2F%2Fthongtacconghanoi.net%2F&dt=C%C3%B4ng%20ty%20d%E1%BB%8Bch%20v%E1%BB%A5%20h%C3%BAt%20b%E1%BB%83%20ph%E1%BB%91t%20gi%C3%A1%20r%E1%BA%BB%20Uy%20T%C3%ADn%20t%E1%BA%A1i%20H%C3%A0%20N%E1%BB%99i&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MRTT13P2KG&gtm=2oeb90&_p=1810675505&cid=1229612267.1668231564&ul=en-us&sr=1280x1024&_s=1&sid=1668231566&sct=1&seg=0&dl=https%3A%2F%2Fthongtacconghanoi.net%2F&dt=C%C3%B4ng%20ty%20d%E1%BB%8Bch%20v%E1%BB%A5%20h%C3%BAt%20b%E1%BB%83%20ph%E1%BB%91t%20gi%C3%A1%20r%E1%BA%BB%20Uy%20T%C3%ADn%20t%E1%BA%A1i%20H%C3%A0%20N%E1%BB%99i&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thongtacconghanoi.net
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://thongtacconghanoi.net
date: Sat, 12 Nov 2022 05:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 701700f42e1b0e528a63c3bd2a4c54e7
a3af603900538ea10e094981d298a0b37d0ab896
c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1tbxcsSYcJuquYxeYfqcwaQaHpWmL9jwX31h1ZIyXO6i5A8gIbFQmA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
content-type: image/jpeg
age: 28456
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/uploads/2021/07/hoa-ra-di-du-lich-lam-chung-ta-hanh-phuc-hon2-4-115x115.jpg
103.57.223.32200 OK 4.0 kB URL HTTP/2 thongtacconghanoi.net/wp-content/uploads/2021/07/hoa-ra-di-du-lich-lam-chung-ta-hanh-phuc-hon2-4-115x115.jpg
IP 103.57.223.32:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 115x115, components 3\012- data
Hash 876b88a36dbe2fa529ae9b5840f2af45
ce7cbcc31f01143d48af52a72094ab764c323719
f082ede5cf17a81268cd20c29b4e3e67ce2d3daa3750f4895e37d76f4b10a457
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/07/hoa-ra-di-du-lich-lam-chung-ta-hanh-phuc-hon2-4-115x115.jpg HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Cookie: _ga=GA1.1.1229612267.1668231564; _gid=GA1.2.333882078.1668231564; _gat_gtag_UA_119925054_1=1; _gat_gtag_UA_124281278_1=1; _ga_MRTT13P2KG=GS1.1.1668231566.1.0.1668231566.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:28 GMT
content-type: image/jpeg
last-modified: Fri, 09 Jul 2021 03:22:22 GMT
accept-ranges: bytes
content-length: 4005
date: Sat, 12 Nov 2022 05:39:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/common/loading-2.gif
103.57.223.32200 OK 2.7 kB URL HTTP/2 thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/common/loading-2.gif
IP 103.57.223.32:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/master-slider/public/assets/css/common/loading-2.gif HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
Cookie: _ga=GA1.1.1229612267.1668231564; _gid=GA1.2.333882078.1668231564; _gat_gtag_UA_119925054_1=1; _gat_gtag_UA_124281278_1=1; _ga_MRTT13P2KG=GS1.1.1668231566.1.0.1668231566.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2629000, public
expires: Sat, 19 Nov 2022 05:39:28 GMT
content-type: image/gif
last-modified: Tue, 10 May 2022 00:51:25 GMT
accept-ranges: bytes
content-length: 2707
date: Sat, 12 Nov 2022 05:39:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.youtube.com/embed/PeYnNH2Jg-Q
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/PeYnNH2Jg-Q
IP 142.250.74.46:0
GET /embed/PeYnNH2Jg-Q HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=s48GisLzJ1o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=umpxPIFIecA; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+558; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/Sb4irLMYhrM
142.250.74.46 200 OK 0 B URL HTTP/2 www.youtube.com/embed/Sb4irLMYhrM
IP 142.250.74.46:0
GET /embed/Sb4irLMYhrM HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=e08EVsvBr60; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=qCp5awi27Xw; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+106; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/LdLvTTsremU
142.250.74.46 200 OK 0 B URL HTTP/2 www.youtube.com/embed/LdLvTTsremU
IP 142.250.74.46:0
GET /embed/LdLvTTsremU HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 12 Nov 2022 05:39:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Z13PoGQhqcU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=-lXu2DHL_tY; Domain=.youtube.com; Expires=Thu, 11-May-2023 05:39:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+603; expires=Mon, 11-Nov-2024 05:39:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thongtacconghanoi.net/
103.57.223.32 200 OK 0 B IP 103.57.223.32:0
Analyzer Verdict Alert
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: thongtacconghanoi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://thongtacconghanoi.net/wp-json/>; rel="https://api.w.org/", <https://thongtacconghanoi.net/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://thongtacconghanoi.net/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 05:39:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thongtacconghanoi.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 05:39:22 GMT
date: Sat, 12 Nov 2022 05:39:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2