r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3420
Expires: Fri, 25 Nov 2022 14:54:52 GMT
Date: Fri, 25 Nov 2022 13:57:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6129
Cache-Control: max-age=166531
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:52 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 12:13:23 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 13:57:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:19:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2325
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2mQy20eyZFksNX0XSkpQFjc4SpzCKdPdaqV/yjzbNHOot4RFhbAjmaOu67pE98UubO/Y1wRKnNA=
x-amz-request-id: JJ8ZENF286GE9WCS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:43:51 GMT
age: 841
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:57:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
banhangcongnghe.com/page/product/hop-com/2.htm
27.0.15.34 200 OK 5.4 kB URL HTTP/1.1 banhangcongnghe.com/page/product/hop-com/2.htm
IP 27.0.15.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 93698addf30e0c7bbf33861585f72bf9
65851892c91f02d2fb958f7cb0ccfe0aff39d5fa
c94ffb36eed00876cfb2fe2c62373714a6b6ea23243cfd77c1e24181395d4343
Analyzer Verdict Alert fortinet Phishing
GET /page/product/hop-com/2.htm HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:01 GMT
Server: Apache/2
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; path=/
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Content-Length: 5396
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 13:11:11 GMT
cache-control: public,max-age=3600
age: 2801
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:53 GMT
Last-Modified: Fri, 25 Nov 2022 13:34:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:53 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 229982
expires: Wed, 15 Nov 2023 13:57:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTrDjGUSp6rmsZsW1UMFYIcseJzzUbiAo58K2T2s4hWsvW9DWIo2ghXcvH2Fu3tlmG%2BUSABxd293f%2B4V14LkacQmgstG0l%2BsQwjVA93Nxr98oK5w25oOXe2gSH%2B3Ltq2H%2Fu3fW8M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fae55f0e310b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 0bed76d6aa31e1dbe70b5ad119eb31ce
25191b8e3855dc45417736b26b8ab092b3ec0106
7689122475d49c80fb087012cc03f5a641975d35c42e846c3ce01a267d3c32e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:53 GMT
Last-Modified: Fri, 25 Nov 2022 12:08:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
apis.google.com/js/plusone.js
142.250.74.174 200 OK 21 kB URL HTTP/1.1 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 20984
Date: Fri, 25 Nov 2022 13:57:53 GMT
Expires: Fri, 25 Nov 2022 13:57:53 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "34fae0e5dab49917"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 0bed76d6aa31e1dbe70b5ad119eb31ce
25191b8e3855dc45417736b26b8ab092b3ec0106
7689122475d49c80fb087012cc03f5a641975d35c42e846c3ce01a267d3c32e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:53 GMT
Last-Modified: Fri, 25 Nov 2022 12:08:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=AW-972403086
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-972403086
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 5c651a8332bac4b26f6bea7f44d4443c
8a101de8f1f12bcedc01d597b3a4af99f3273f03
559e2de0aa29c6caf12d0d4b30b01be18372168467d1d16f77375bc5cbec5cf7
GET /gtag/js?id=AW-972403086 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:57:53 GMT
expires: Fri, 25 Nov 2022 13:57:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-132827621-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-132827621-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 336615a5415d28adc602ba0c61944089
ed49337bb800a3df92b016b92a90022f9a9fde21
fa2d6ca46239c7cf8fd073786c6603a0c49a64d72ea379c63ba9dffe6df60963
GET /gtag/js?id=UA-132827621-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:57:53 GMT
expires: Fri, 25 Nov 2022 13:57:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W58NBKN
142.250.74.168 200 OK 472 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W58NBKN
IP 142.250.74.168:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
GET /gtm.js?id=GTM-W58NBKN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:57:53 GMT
expires: Fri, 25 Nov 2022 13:57:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
banhangcongnghe.com/css/btr-menu.css
27.0.15.34 200 OK 667 B URL HTTP/1.1 banhangcongnghe.com/css/btr-menu.css
IP 27.0.15.34:0
File type ASCII text, with CRLF line terminators
Hash 6535323a038b2e5d6d5182af312b94f4
54ba8e89fdc1055718bbe5fe343cf4a185ac2ae9
5e1e11a357aa5d9aa088147ecad2c6cc72c2c6d55ccb5127ea6890ac72798493
GET /css/btr-menu.css HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:53:14 GMT
ETag: "9ba-5a7f429862020-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 667
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.39.57.61 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vCTi1QNDcuQaNeAgNTaRlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pjWbl3Xe6TeyUI4qJCxLqQgUwM8=
banhangcongnghe.com/css/style.css
27.0.15.34 200 OK 631 B URL HTTP/1.1 banhangcongnghe.com/css/style.css
IP 27.0.15.34:0
Hash 90192ee08b1cdcb2d9f2f8e690b4f2bd
c54b10197526aa77ce26aedeae054d81693ce802
ba34ec6767dc8718f34fd557a71f88d7f4cbe132e3f37ee27ac0a23d349e826b
GET /css/style.css HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Thu, 18 Jun 2020 06:08:48 GMT
ETag: "618-5a8559c1f49c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 631
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
banhangcongnghe.com/css/bootstrap.min.css
27.0.15.34 200 OK 20 kB URL HTTP/1.1 banhangcongnghe.com/css/bootstrap.min.css
IP 27.0.15.34:0
File type ASCII text, with very long lines (65367), with CRLF line terminators
Hash d369a004ff062087bfc2ff7930afb567
3adfc55be699b94470ed2b9ca2b33c6639638822
fbb733b690ac71a30d52ceaee9986187769bb5c78f1674dcb0fa53da8146a0f1
GET /css/bootstrap.min.css HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:53:14 GMT
ETag: "1df7e-5a7f42988fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20177
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
banhangcongnghe.com/js/btr-menu.js
27.0.15.34 200 OK 839 B URL HTTP/1.1 banhangcongnghe.com/js/btr-menu.js
IP 27.0.15.34:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash fabd51aa7d353cffa78e9c77bc115b9e
3e0c4f0230b642b9e561241a777ca73bf5c48b0e
b6d8e797264527682ae22addc87ba372313d4157ddce5aeea6487e35c2929382
Analyzer Verdict Alert fortinet Phishing
GET /js/btr-menu.js HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:49 GMT
ETag: "c6b-5a7f42f3c6010-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 839
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
banhangcongnghe.com/js/bootstrap.min.js
27.0.15.34 200 OK 9.4 kB URL HTTP/1.1 banhangcongnghe.com/js/bootstrap.min.js
IP 27.0.15.34:0
File type ASCII text, with very long lines (32087), with CRLF line terminators
Hash a25d8ca22b2ba7afb6dc747601850315
78342183e74e37c63d7eb5201788a3cecfd8c4b9
84fca1939504f5c6cb73d51cd3c7f7a717c5b163b7fca2d1faa4dfbb6bfa8227
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:49 GMT
ETag: "8b17-5a7f42f3d4a70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9447
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
banhangcongnghe.com/css/templates.css
27.0.15.34 200 OK 7.0 kB URL HTTP/1.1 banhangcongnghe.com/css/templates.css
IP 27.0.15.34:0
File type Unicode text, UTF-8 (with BOM) text
Hash 6165d64df198e90a43e7fa9415cb298c
c680b586869a8dd6e3a00784c65c8a6cbd968b6f
3399d7266264871b6975c74677b039384ea7f532d21a834b167080f242604d72
GET /css/templates.css HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/css/style.css
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Mon, 22 Nov 2021 09:56:35 GMT
ETag: "75b1-5d15da3e7b3a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6968
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3243455750eb632d760a24594998b7d6
ee1367000e440c5ef8acce20fd79719910bd10cc
a22b080888a06f98594e3aa1a15b53083656a634608554f6a147530b9b13eb75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:53 GMT
Last-Modified: Fri, 25 Nov 2022 12:43:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
banhangcongnghe.com/js/jquery-1.9.1.min.js
27.0.15.34 200 OK 35 kB URL HTTP/1.1 banhangcongnghe.com/js/jquery-1.9.1.min.js
IP 27.0.15.34:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (38285), with CRLF line terminators
Hash 92742a9e407626bd49d1fb563adb1936
14f2c7027c1083d83c39017299c0c0c190aa7644
0d068ea63566662bbf72291b939fac8321f608f054086cbac39fbc7893c96c09
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.9.1.min.js HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:50 GMT
ETag: "1b3f7-5a7f42f4a9c98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 34902
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
banhangcongnghe.com/js/jquery.min.js
27.0.15.34 200 OK 34 kB URL HTTP/1.1 banhangcongnghe.com/js/jquery.min.js
IP 27.0.15.34:0
File type ASCII text, with very long lines (32077), with CRLF line terminators
Hash de68bf402c4c73b752a88dcf597972c9
4d6b6327337cb95e83bd9fc36e2800abc49f3eef
a012924b59bd6b64250c37d73c93970436c525b1484f244f8e360a0dcd11cf2c
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:02 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:51 GMT
ETag: "17b90-5a7f42f4eb760-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33769
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
region1.google-analytics.com/g/collect?v=2&tid=G-GTZY8FTYRX&gtm=2oeb90&_p=1584342706&cid=725988832.1669384673&ul=en-us&sr=1280x1024&_s=1&sid=1669384673&sct=1&seg=0&dl=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&dt=hop%20com&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GTZY8FTYRX&gtm=2oeb90&_p=1584342706&cid=725988832.1669384673&ul=en-us&sr=1280x1024&_s=1&sid=1669384673&sct=1&seg=0&dl=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&dt=hop%20com&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GTZY8FTYRX&gtm=2oeb90&_p=1584342706&cid=725988832.1669384673&ul=en-us&sr=1280x1024&_s=1&sid=1669384673&sct=1&seg=0&dl=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&dt=hop%20com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://banhangcongnghe.com
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://banhangcongnghe.com
date: Fri, 25 Nov 2022 13:57:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
banhangcongnghe.com/images/logo_02.jpg
27.0.15.34 200 OK 5.2 kB URL HTTP/1.1 banhangcongnghe.com/images/logo_02.jpg
IP 27.0.15.34:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 74x36, components 3\012- data
Hash 6d47510d6bd956c4131caa038c34f501
94d95558921b7cfec81cbd6d353eb073cc1d46f1
26fd7daac8b265545c63026413a3236699c762d16ce04976bd2584490e60f623
GET /images/logo_02.jpg HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:36 GMT
ETag: "1432-5a7f42e71f7a8"
Accept-Ranges: bytes
Content-Length: 5170
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
banhangcongnghe.com/images/icon-dh.png
27.0.15.34 200 OK 3.5 kB URL HTTP/1.1 banhangcongnghe.com/images/icon-dh.png
IP 27.0.15.34:0
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash f22fd6d1791e158fa54a96a20ecba5b1
3186a6d7bb6f7ac02adf53bb6754cdc9d7e8e0cd
70915a52bd973a77be9ad09999c13ae2b47faef63a706b338ed1333ea949146b
GET /images/icon-dh.png HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/css/templates.css
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; _gcl_au=1.1.1464133162.1669384673; _ga_GTZY8FTYRX=GS1.1.1669384673.1.0.1669384673.0.0.0; _ga=GA1.1.725988832.1669384673
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:35 GMT
ETag: "daf-5a7f42e6397f8"
Accept-Ranges: bytes
Content-Length: 3503
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
banhangcongnghe.com/images/icon-tt.png
27.0.15.34 200 OK 3.6 kB URL HTTP/1.1 banhangcongnghe.com/images/icon-tt.png
IP 27.0.15.34:0
File type PNG image data, 32 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash fb0b9f959ca0c259fec6788718d052ca
45c035cfeddef01481adce67ef3c381190c63e5c
c433582e02621207539d217174f3c57154f75ffbfd288d0bfb97fc62edfc282d
GET /images/icon-tt.png HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/css/templates.css
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; _gcl_au=1.1.1464133162.1669384673; _ga_GTZY8FTYRX=GS1.1.1669384673.1.0.1669384673.0.0.0; _ga=GA1.1.725988832.1669384673
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:36 GMT
ETag: "dfa-5a7f42e690a80"
Accept-Ranges: bytes
Content-Length: 3578
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
banhangcongnghe.com/images/phone-5123.png
27.0.15.34 200 OK 1.2 kB URL HTTP/1.1 banhangcongnghe.com/images/phone-5123.png
IP 27.0.15.34:0
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash b4e6d05e00c634209fd8e3fb16278c23
65feb905ba980fe0c8535fc608361c6409bd3a1e
fc58f601e3fe92cc615c69a82ac5bfbff523a627fe7665806bbc44f1faf589ad
GET /images/phone-5123.png HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/css/templates.css
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; _gcl_au=1.1.1464133162.1669384673; _ga_GTZY8FTYRX=GS1.1.1669384673.1.0.1669384673.0.0.0; _ga=GA1.1.725988832.1669384673
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:37 GMT
ETag: "4c4-5a7f42e7f6528"
Accept-Ranges: bytes
Content-Length: 1220
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
banhangcongnghe.com/images/icon-gh.png
27.0.15.34 200 OK 3.2 kB URL HTTP/1.1 banhangcongnghe.com/images/icon-gh.png
IP 27.0.15.34:0
File type PNG image data, 32 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 98bbd7761f26a2eb73bf1a1c2cb80795
864def6ac0f74cc5f2331344b8d580f30f9e17dc
195a54fdf89a66631c5c30653877d6ce80e5ad7946d0ba7333d9f0271f4a01d2
GET /images/icon-gh.png HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/css/templates.css
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; _gcl_au=1.1.1464133162.1669384673; _ga_GTZY8FTYRX=GS1.1.1669384673.1.0.1669384673.0.0.0; _ga=GA1.1.725988832.1669384673
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:35 GMT
ETag: "c99-5a7f42e630f40"
Accept-Ranges: bytes
Content-Length: 3225
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
banhangcongnghe.com/upload/images/logo_1543023921.jpg
27.0.15.34 200 OK 16 kB URL HTTP/1.1 banhangcongnghe.com/upload/images/logo_1543023921.jpg
IP 27.0.15.34:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 134x80, components 3\012- data
Hash 4b43fd964bb9d1930e0e63fd72efaad9
78130fda907aeb2d1407ce5b29ba14415fa21d43
f1a23464859f2abb1b0825598c358de5cc7c03001b29ca97c3f19f8a3f70dd8f
GET /upload/images/logo_1543023921.jpg HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 10:08:58 GMT
ETag: "3d09-5a7f461cf4650"
Accept-Ranges: bytes
Content-Length: 15625
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2a03384abe9f9728677b1f7b876b4694
41c1c401e79ac5b6edc6fc3cce8b4d085c565ac1
744b3562ef1851ca3c0413020ef5c40e71af514e6ff8da065f6ea9f846e70717
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174 200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash a5aeb8dce52dc81116cc434ff43d3f63
c74721ddc9b87ba5a9deb2a361f44c9293f928b7
333fbf33d55990f58551357644398b7b571c25cd56bc25ad3ea7270571f96118
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 13:33:11 GMT
expires: Wed, 22 Nov 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 260683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/972403086/?random=1669384672851&cv=11&fst=1669384672851&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&auid=1464133162.1669384673&rfmt=3&fmt=4
142.250.74.162 200 OK 873 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/972403086/?random=1669384672851&cv=11&fst=1669384672851&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&auid=1464133162.1669384673&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1823), with no line terminators
Hash 7c457770b1c9e0ef354d205e83037fe4
1e07874cca68ac6739feadd654244f1bcb3ff709
977fba4ddde8eb072da260270279d029bee96b5bd07578622bcd44bb64c6d719
GET /pagead/viewthroughconversion/972403086/?random=1669384672851&cv=11&fst=1669384672851&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&auid=1464133162.1669384673&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 13:57:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 873
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 25-Nov-2022 14:12:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
banhangcongnghe.com/favico.ico
27.0.15.34 200 OK 807 B URL HTTP/1.1 banhangcongnghe.com/favico.ico
IP 27.0.15.34:0
File type MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel\012- data
Hash 2c547edb3219e77f262a91451aeb738d
151c77a51b3967cf3c3a75618637ca719988331f
b179a2ef448a2a7a865eccaaac9075d6f0bdd9f8fe0c131d5447b68b98383482
Analyzer Verdict Alert fortinet Phishing
GET /favico.ico HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/page/product/hop-com/2.htm
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; _gcl_au=1.1.1464133162.1669384673; _ga_GTZY8FTYRX=GS1.1.1669384673.1.0.1669384673.0.0.0; _ga=GA1.1.725988832.1669384673
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:55:52 GMT
ETag: "cbe-5a7f432f3d260-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 807
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/x-icon
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:57:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:57:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 57796
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 58202
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 34495
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 32007
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57790
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 74428
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
za.zdn.vn/v3/za.js?19321
120.138.69.5 200 OK 7.9 kB IP 120.138.69.5:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (20288)
Hash f564f342d4aceb3656fe5ce80ff95604
f566114e9aab52a85f8b6a25084a1068902ff65a
997a41a9400322ad6e066d89a5048e04a5156223aea186cce1bf3446f2de5cb9
GET /v3/za.js?19321 HTTP/1.1
Host: za.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/
HTTP/1.1 200 OK
Server: Cluster6970
Date: Fri, 25 Nov 2022 13:31:53 GMT
Content-Type: application/javascript
Last-Modified: Mon, 10 Jan 2022 09:12:24 GMT
ETag: W/"61dbf878-4f41"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Age: 1562
Content-Length: 7910
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 163d4912a06d8358abc770dc0351d7b4
1e8dc04b95e704679ab729f81716466ea8a3e591
72245d178d481350af611804e557032ffb7bb3a3e8cdb83f3332a5ffba78d193
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/972403086/?random=1669384672851&cv=11&fst=1669381200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&fmt=3&is_vtc=1&random=793986798&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/972403086/?random=1669384672851&cv=11&fst=1669381200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&fmt=3&is_vtc=1&random=793986798&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/972403086/?random=1669384672851&cv=11&fst=1669381200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&fmt=3&is_vtc=1&random=793986798&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 13:57:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/972403086/?random=1669384672851&cv=11&fst=1669381200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&fmt=3&is_vtc=1&random=793986798&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/972403086/?random=1669384672851&cv=11&fst=1669381200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&fmt=3&is_vtc=1&random=793986798&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/972403086/?random=1669384672851&cv=11&fst=1669381200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fbanhangcongnghe.com%2Fpage%2Fproduct%2Fhop-com%2F2.htm&tiba=hop%20com&fmt=3&is_vtc=1&random=793986798&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 13:57:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 163d4912a06d8358abc770dc0351d7b4
1e8dc04b95e704679ab729f81716466ea8a3e591
72245d178d481350af611804e557032ffb7bb3a3e8cdb83f3332a5ffba78d193
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
49.213.114.167 200 OK 1.7 kB URL HTTP/2 page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3695), with no line terminators
Hash 45ac1a3dd4f84d427eaa8284843d35b5
87f7de4a411f924aef7c1259311b3f8924a493f3
d550ce7a182aabaf1f8cf3c085a9570fb9c933ea69f2515344db1795605291ec
GET /?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:55 GMT
content-length: 1721
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap
IP 142.250.74.10:0
Hash 284f5faaee828301b86d06be7ea4162b
43c86ce0f6727509318a02a474203fb9a5dcbc89
68329a7b471f6db70d8970db39f2f1db0b6f7d38aace5b1fd86c68addd589333
GET /css2?family=Roboto:wght@100;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 13:57:55 GMT
date: Fri, 25 Nov 2022 13:57:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
banhangcongnghe.com/images/bgmain.jpg
27.0.15.34 200 OK 207 kB URL HTTP/1.1 banhangcongnghe.com/images/bgmain.jpg
IP 27.0.15.34:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2014:03:13 20:47:04], progressive, precision 8, 1395x782, components 3\012- data
Size 207 kB (207032 bytes)
Hash a9ca24e4e01bad6b3d16ae18b48488c9
54e9cfb6928616ba95c3b40bd5b8d82d2d198977
e9991b4300438ce391e9612c5acbbd1b404c5a3e8d5220a032d7dbe998e52a1d
GET /images/bgmain.jpg HTTP/1.1
Host: banhangcongnghe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://banhangcongnghe.com/css/templates.css
Cookie: PHPSESSID=e1ubr84ilq9cj0hnk3o13qikp2; _gcl_au=1.1.1464133162.1669384673; _ga_GTZY8FTYRX=GS1.1.1669384673.1.0.1669384673.0.0.0; _ga=GA1.1.725988832.1669384673
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:49:03 GMT
Server: Apache/2
Last-Modified: Sat, 13 Jun 2020 09:54:32 GMT
ETag: "328b8-5a7f42e307620"
Accept-Ranges: bytes
Content-Length: 207032
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
page.widget.zalo.me/static/js/cphandler.js
49.213.114.167 200 OK 2.3 kB URL HTTP/2 page.widget.zalo.me/static/js/cphandler.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type ASCII text, with CRLF line terminators
Hash e02df3ae5979d6de788855361ac9bbda
31e91f3c2fc467f95fe9a55206a39d554c41e005
2ba7f537cfd492f21b02ee954827b8db82ceaac1699695f5b1c3719d4dc07207
GET /static/js/cphandler.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:55 GMT
content-type: application/javascript
content-length: 2279
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/js/zinit.js?v5
49.213.114.167 200 OK 900 B URL HTTP/2 page.widget.zalo.me/static/js/zinit.js?v5
IP 49.213.114.167:0
ASN #38244 VNG Corporation
Hash 562ebdb09ae3d87ce07b643e4e23b5d5
897f82c06b6f72452ff474bd14c27ba4460fed7c
c2139788118e243dc0c322959e5404b29ba73fbee0605c890fda2dc37d1ef764
GET /static/js/zinit.js?v5 HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:55 GMT
content-type: application/javascript
content-length: 900
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c16831bb22aecc67906176e9c46363df
0a0483a517bac97833f2f366005a31c7f6952768
81de73a659efd8f6b373896db5266ef5f1d6a510f758ea0838408d6692248eae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6352
Cache-Control: max-age=111298
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:56 GMT
Etag: "637fc0d6-1d7"
Expires: Sat, 26 Nov 2022 20:52:54 GMT
Last-Modified: Thu, 24 Nov 2022 19:07:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
za.zalo.me/v3/w/t
49.213.114.149 200 OK 221 B IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash c7372b17ddea2801abc0091646d581e7
784e11638e63cef55ab8bd5f1958b9bdc0a20cc0
aba59c48d115cca4872010fb5f27f310890e34de3fdac05cb96cf4eb05820a6c
POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 205
Origin: http://banhangcongnghe.com
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: application/json; charset=utf-8
content-length: 221
access-control-allow-origin: http://banhangcongnghe.com
access-control-allow-credentials: true
set-cookie: __zi=2000.Q8lWw9q20fTcY-3bbGG0rsACwBV4MbkTOO_hkCTGNTXYWUxznLvVrsQFw_qu.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.Q8lWw9q20fTcY-3bbGG0rsACwBV4MbkTOO_hkCTGNTXYWUxznLvVrsQFw_qu.1;Path=/;Domain=zalo.me;Expires=Thu, 14-Nov-2024 13:57:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
za.zdn.vn/v3/za.js
120.138.69.5 200 OK 7.9 kB IP 120.138.69.5:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (20288)
Hash f564f342d4aceb3656fe5ce80ff95604
f566114e9aab52a85f8b6a25084a1068902ff65a
997a41a9400322ad6e066d89a5048e04a5156223aea186cce1bf3446f2de5cb9
GET /v3/za.js HTTP/1.1
Host: za.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: application/javascript
content-length: 7910
last-modified: Mon, 10 Jan 2022 09:12:24 GMT
etag: W/"61dbf878-4f41"
content-encoding: gzip
age: 1563
access-control-allow-origin: *
X-Firefox-Spdy: h2
sp-zp.zdn.vn/sdk-server-1.0.0.js
120.138.69.12 200 OK 2.9 kB URL HTTP/2 sp-zp.zdn.vn/sdk-server-1.0.0.js
IP 120.138.69.12:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (1569)
Hash 374d60c509f50bf1c19bd22baf9f48d4
51edea09de7d6cca92e113afeb8eb04bcb3a8a34
d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6
GET /sdk-server-1.0.0.js HTTP/1.1
Host: sp-zp.zdn.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: application/javascript
content-length: 2889
last-modified: Fri, 26 Aug 2022 06:58:29 GMT
access-control-allow-origin: *
accept-ranges: bytes
age: 24531
server: ZDN
X-Firefox-Spdy: h2
za.zalo.me/v3/w/t
49.213.114.149 200 OK 200 B IP 49.213.114.149:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 02e07631973ab0fd7bf84a7da61b77cf
df2f4e5506799e46b34ef7ccb9dff2c47549ef04
507d9d9f37a66c60c81379447403e100b423e74d6c888cf18d14318ffbe2cffc
POST /v3/w/t HTTP/1.1
Host: za.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 661
Origin: https://page.widget.zalo.me
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Cookie: __zi=2000.Q8lWw9q20fTcY-3bbGG0rsACwBV4MbkTOO_hkCTGNTXYWUxznLvVrsQFw_qu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: application/json; charset=utf-8
content-length: 200
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
set-cookie: __zi=2000.SSZzejyD6jybWlwjrWOKtoMFzglKHX3OBOEvvia87i1ltwliXaGSmIILgE-5In_B8j2huO0E7SKWtw_lCJOu.1;Secure;SameSite=None;Path=/;Domain=zalo.me;Max-Age=62208000
__zi-legacy=2000.SSZzejyD6jybWlwjrWOKtoMFzglKHX3OBOEvvia87i1ltwliXaGSmIILgE-5In_B8j2huO0E7SKWtw_lCJOu.1;Path=/;Domain=zalo.me;Expires=Thu, 14-Nov-2024 13:57:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
X-Firefox-Spdy: h2
page.widget.zalo.me/static/locales/vi/translation.json
49.213.114.167 200 OK 1.0 kB URL HTTP/2 page.widget.zalo.me/static/locales/vi/translation.json
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , Unicode text, UTF-8 text
Hash d9b26a1e67f11e3bcc219a2d7b4c9df3
fc758dc7f8d34a1fed11b19073c08f61f396981e
4d4a458ed10c41e81e1abd276d9649ac4ed0a3ec26b140725c554313ab6cce0a
GET /static/locales/vi/translation.json HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Connection: keep-alive
Cookie: __zi=2000.SSZzejyD6jybWlwjrWOKtoMFzglKHX3OBOEvvia87i1ltwliXaGSmIILgE-5In_B8j2huO0E7SKWtw_lCJOu.1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:57 GMT
content-type: application/json
content-length: 1037
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 13e26cfeb392233fbb24264fa9c4e4bf
856f1437bb028a8aebdce1ac7101b9db00334798
e17dd7f49eafe56d5984c058c0554dbff86ef734e78c6a68175021d16e0a71c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:57:58 GMT
Etag: "63806f23-1d7"
Server: ECS (amb/6BA4)
Content-Length: 471
px.dmp.zaloapp.com/static/zdmp_tr_px.js
49.213.114.180 200 OK 2.5 kB URL HTTP/2 px.dmp.zaloapp.com/static/zdmp_tr_px.js
IP 49.213.114.180:0
ASN #38244 VNG Corporation
File type ASCII text, with very long lines (2521), with no line terminators
Hash 13909b6cfd1e5f1f309193041e8ec594
7a0f2d08ef44bdaf4abc0f3ebf9500657a25928e
8431accf0b4efc513a28fa973b87f0e2b7920310c8042d9c7480f19d6e2f50a5
GET /static/zdmp_tr_px.js HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:58 GMT
content-type: application/javascript
content-length: 2521
last-modified: Wed, 23 Nov 2022 08:30:24 GMT
etag: "637dda20-9d9"
accept-ranges: bytes
server: za-ngx-srv
cache-control: no-cache, max-age=0
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/oa?oaid=703651137223819297
49.213.114.167 200 OK 57 B URL HTTP/2 api.widget.zalo.me/v1/oa?oaid=703651137223819297
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 3e9590827921ed67322cbbfcdb754ff1
392279ecefe6f8f88aa223e79206e65891249883
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
OPTIONS /v1/oa?oaid=703651137223819297 HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:59 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
api.widget.zalo.me/v1/zuser
49.213.114.167 200 OK 57 B URL HTTP/2 api.widget.zalo.me/v1/zuser
IP 49.213.114.167:0
ASN #38244 VNG Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 3e9590827921ed67322cbbfcdb754ff1
392279ecefe6f8f88aa223e79206e65891249883
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
OPTIONS /v1/zuser HTTP/1.1
Host: api.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: zreferrer
Referer: https://page.widget.zalo.me/
Origin: https://page.widget.zalo.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:59 GMT
access-control-allow-origin: https://page.widget.zalo.me
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-max-age: 1728000
allow: GET, HEAD, POST, TRACE, OPTIONS
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-06-08 21:31:13
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 5bb5196854d77b3b0bd1d55200ac7249
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 5006306
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76fae55f3cb2b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/css/fa/css/all.min.css
49.213.114.167 200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/css/fa/css/all.min.css
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/css/fa/css/all.min.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:55 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
49.213.114.167 200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/static/js/main.bdb050eb.chunk.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/static/js/main.bdb050eb.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
sp.zalo.me/plugins/sdk.js
49.213.114.132 200 OK 0 B URL HTTP/2 sp.zalo.me/plugins/sdk.js
IP 49.213.114.132:0
ASN #38244 VNG Corporation
GET /plugins/sdk.js HTTP/1.1
Host: sp.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://banhangcongnghe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:54 GMT
content-type: text/javascript;charset=utf-8
etag: cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
49.213.114.167 200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/static/css/main.607e1b85.chunk.css
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/static/css/main.607e1b85.chunk.css HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
49.213.114.167 200 OK 0 B URL HTTP/2 page.widget.zalo.me/static/static/js/2.7b346dac.chunk.js
IP 49.213.114.167:0
ASN #38244 VNG Corporation
GET /static/static/js/2.7b346dac.chunk.js HTTP/1.1
Host: page.widget.zalo.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/?position=null&oaid=703651137223819297&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=4349abcf-ef09-4e46-909c-b3de928aeae3&domain=banhangcongnghe.com&android=false&ios=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:56 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 07:30:40 GMT
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=805b21ab-f0b9-4971-a666-340a36b5690c&time=1669384678179&version=1&zscript=1&lastsrcref=http://banhangcongnghe.com&vid=2000.SSZzejyD6jybWlwjrWOKtoMFzglKHX3OBOEvvia87i1ltwliXaGSmIILgE-5In_B8j2huO0E7SKWtw_lCJOu.1
49.213.114.180 200 OK 0 B URL HTTP/2 px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=805b21ab-f0b9-4971-a666-340a36b5690c&time=1669384678179&version=1&zscript=1&lastsrcref=http://banhangcongnghe.com&vid=2000.SSZzejyD6jybWlwjrWOKtoMFzglKHX3OBOEvvia87i1ltwliXaGSmIILgE-5In_B8j2huO0E7SKWtw_lCJOu.1
IP 49.213.114.180:0
ASN #38244 VNG Corporation
GET /tr?id=7711843404775064594&event=PageView&sessionId=805b21ab-f0b9-4971-a666-340a36b5690c&time=1669384678179&version=1&zscript=1&lastsrcref=http://banhangcongnghe.com&vid=2000.SSZzejyD6jybWlwjrWOKtoMFzglKHX3OBOEvvia87i1ltwliXaGSmIILgE-5In_B8j2huO0E7SKWtw_lCJOu.1 HTTP/1.1
Host: px.dmp.zaloapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://page.widget.zalo.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:57:58 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0
pragma: no-cache
server: za-ngx-srv
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2