firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 91dd975a7b17b2922dd23c0e49314e40
SHA1 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
SHA256 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 18:05:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LVALsAl-kz2colQOJ6A9iN9Gx9qcTr6DneGudWtQlPOs0gxS1CEIKQ==
Age: 2839
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 b9adda4796e3cda8d92753c46964621c
SHA1 5f1eba1f6085b23dea088a91fe6f8947172f9f62
SHA256 a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6441
Expires: Thu, 08 Sep 2022 20:40:01 GMT
Date: Thu, 08 Sep 2022 18:52:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash MD5 742edb4038f38bc533514982f3d2e861
SHA1 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
SHA256 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LN7MZ8GGvgu09jKHH5tgwPjbeEn-Do-NHCxAUhBfXdlvrvq8Db6BfA==
age: 54366
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 18:52:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 19:29:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zlj7b7fxPA1vSJEf7K6hl0hyFFN5N_RkG4zaUBwjy4LJTvObpxtjJw==
Age: 862
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 042105f89c8d64b470d84e052cd412d1
SHA1 a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
SHA256 fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5776
Cache-Control: max-age=139821
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:40 GMT
Etag: "6319a295-1d7"
Expires: Sat, 10 Sep 2022 09:43:01 GMT
Last-Modified: Thu, 08 Sep 2022 08:06:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.56.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (these three are the digests of an empty body, matching the 0 B size; they do not identify any content)
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p9sTHwaAp6B37Ok8Sdnkiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OEoZa0Uvw2WRUDCaDo/tJhKl/9Y=
kiemthe1xua.com/taive/
103.90.226.73 200 OK 2.1 kB IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5 9d2f129dc605027abfa70de6e79f5f4e
SHA1 559f52bd3914327d868b30783d06afd7084ea406
SHA256 9d5a2a17ca35328a19dc8c958a2cb5921aa5c623624c61820e890374eb1b5c6c
Analyzer Verdict Alert fortinet Phishing
GET /taive/ HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.29
Set-Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pingback: http://kiemthe1xua.com/xmlrpc.php
Link: <https://kiemthe1xua.com/wp-json/>; rel="https://api.w.org/", <https://kiemthe1xua.com/wp-json/wp/v2/posts/6516>; rel="alternate"; type="application/json", <https://kiemthe1xua.com/?p=6516>; rel=shortlink
Content-Encoding: gzip
kiemthe1xua.com/css/reset-wp.css?ver=5.6.3
103.90.226.73 200 OK 1.1 kB URL HTTP/1.1 kiemthe1xua.com/css/reset-wp.css?ver=5.6.3
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with CRLF line terminators
Hash MD5 968ba6e00c6c5ff03e62d5b213e1ba54
SHA1 718d99e4131b09d36d386962997d678f5601a666
SHA256 3b23de3cfb99617690dcc87c2036feb1835c3379eeecf17ccdb6af78d1ef42d8
GET /css/reset-wp.css?ver=5.6.3 HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/taive/
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:41 GMT
Content-Type: text/css
Content-Length: 1146
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:27:03 GMT
ETag: "47a-5c09c3533eae0"
Accept-Ranges: bytes
kiemthe1xua.com/css/download.css?ver=1614151406
103.90.226.73 200 OK 31 kB URL HTTP/1.1 kiemthe1xua.com/css/download.css?ver=1614151406
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with CRLF line terminators
Hash MD5 5cba741025cfe2644adde64305417e2b
SHA1 c40b917a53c03d845ba432057c67ba4cce2c696f
SHA256 391c0a746e77e21ee424384dc7e009ec856d95c7e9ff5ab99415839161c43065
GET /css/download.css?ver=1614151406 HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/taive/
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:41 GMT
Content-Type: text/css
Content-Length: 31193
Connection: keep-alive
Last-Modified: Thu, 12 Aug 2021 03:38:15 GMT
ETag: "79d9-5c954770aa879"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash MD5 f13aee7a719c32560ce8b5ae6698aaf7
SHA1 c0753fb6b5e7201e796337908ed99579c78c911f
SHA256 3b2a53fa24163636d60d360002b68936b4c554c981d1bc288c7e121e22443920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:37:59 GMT
Expires: Tue, 13 Sep 2022 04:37:58 GMT
Etag: "c0753fb6b5e7201e796337908ed99579c78c911f"
Cache-Control: max-age=380115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7479e1fb7ddc0b55-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash MD5 f13aee7a719c32560ce8b5ae6698aaf7
SHA1 c0753fb6b5e7201e796337908ed99579c78c911f
SHA256 3b2a53fa24163636d60d360002b68936b4c554c981d1bc288c7e121e22443920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:37:59 GMT
Expires: Tue, 13 Sep 2022 04:37:58 GMT
Etag: "c0753fb6b5e7201e796337908ed99579c78c911f"
Cache-Control: max-age=380115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7479e1fb8a4eb523-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 b63f97bc3dce37e8ee6a0c9fcae468fe
SHA1 cc70326582c0016d7434d0553486734266e57e71
SHA256 6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 b63f97bc3dce37e8ee6a0c9fcae468fe
SHA1 cc70326582c0016d7434d0553486734266e57e71
SHA256 6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash MD5 f13aee7a719c32560ce8b5ae6698aaf7
SHA1 c0753fb6b5e7201e796337908ed99579c78c911f
SHA256 3b2a53fa24163636d60d360002b68936b4c554c981d1bc288c7e121e22443920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:37:59 GMT
Expires: Tue, 13 Sep 2022 04:37:58 GMT
Etag: "c0753fb6b5e7201e796337908ed99579c78c911f"
Cache-Control: max-age=380115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7479e1fb7a200b69-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash MD5 f13aee7a719c32560ce8b5ae6698aaf7
SHA1 c0753fb6b5e7201e796337908ed99579c78c911f
SHA256 3b2a53fa24163636d60d360002b68936b4c554c981d1bc288c7e121e22443920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:37:59 GMT
Expires: Tue, 13 Sep 2022 04:37:58 GMT
Etag: "c0753fb6b5e7201e796337908ed99579c78c911f"
Cache-Control: max-age=380115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7479e1fb7a9b0b06-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash MD5 f13aee7a719c32560ce8b5ae6698aaf7
SHA1 c0753fb6b5e7201e796337908ed99579c78c911f
SHA256 3b2a53fa24163636d60d360002b68936b4c554c981d1bc288c7e121e22443920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:37:59 GMT
Expires: Tue, 13 Sep 2022 04:37:58 GMT
Etag: "c0753fb6b5e7201e796337908ed99579c78c911f"
Cache-Control: max-age=380115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7479e1fb7aa10b61-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 e0fbe5627b19e9ad7ad4d40c96514ae9
SHA1 d9d361271987c5947d96ddacc67efb3f3a32bbd3
SHA256 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5999
Expires: Thu, 08 Sep 2022 20:32:41 GMT
Date: Thu, 08 Sep 2022 18:52:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 e0fbe5627b19e9ad7ad4d40c96514ae9
SHA1 d9d361271987c5947d96ddacc67efb3f3a32bbd3
SHA256 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5999
Expires: Thu, 08 Sep 2022 20:32:41 GMT
Date: Thu, 08 Sep 2022 18:52:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 e0fbe5627b19e9ad7ad4d40c96514ae9
SHA1 d9d361271987c5947d96ddacc67efb3f3a32bbd3
SHA256 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5999
Expires: Thu, 08 Sep 2022 20:32:41 GMT
Date: Thu, 08 Sep 2022 18:52:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 f922505178de0cea92eedcfda85a9f67
SHA1 50f1459de01174e594e03e7df4dfaa8eb1798672
SHA256 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:34:36 GMT
age: 47886
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 6f73ee4e91b38eaa36cadd4c437785f8
SHA1 6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
SHA256 778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: z7RyNwWgq5r9B2WMa5ibpo3d8DXFSFCCrEHpMvc0Q5SqE2x1ovaV-g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:41:33 GMT
age: 72669
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 a07d553b6441514870ed7e9e989a29a7
SHA1 98c145b9326d1e6036fa9089d87a25232dd45b0b
SHA256 373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6mfdlMHJozdykr4faiijvUuJPXVrJGU_n0MxJgCrZ-uWWdejGYfiAQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:33:06 GMT
age: 73176
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 09267c271a56ba4c2d4197543f264fac
SHA1 67ae4acd88571da51b81fa7ed963b7f2a71845b4
SHA256 906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 17:56:29 GMT
age: 3373
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 1cd778a615e9a4ca3a25119790398434
SHA1 d6daca74fc85d39274b3c7536f34528bef93ae97
SHA256 e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:16:27 GMT
age: 74175
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ry2D03udnweYHan_7KhC9IDhT01g9_73G40Fa10BdIX21tgK0Cgjiw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:48:35 GMT
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
age: 75847
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kiemthe1xua.com/css/fonts.css
103.90.226.73 200 OK 450 B URL HTTP/1.1 kiemthe1xua.com/css/fonts.css
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with CRLF line terminators
Hash a0128cbe7f961581c090ea0b3484a2ac
6f170def463e96c62ea1d102b51d66afa92c0b29
fc6159eb283bd58084577028235d3bbed1f962e53b60c1d0c33b1b934728413f
GET /css/fonts.css HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: text/css
Content-Length: 450
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:29:08 GMT
ETag: "1c2-5c09c3c9ed13e"
Accept-Ranges: bytes
kiemthe1xua.com/css/slick.css
103.90.226.73 200 OK 1.9 kB URL HTTP/1.1 kiemthe1xua.com/css/slick.css
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with CRLF line terminators
Hash b06073c5a23326dcc332b78d42c7290c
64e6c5ff99f14c65752e0322234160f8e83fc6c2
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
GET /css/slick.css HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: text/css
Content-Length: 1895
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:30:53 GMT
ETag: "767-5c09c42ebcd3e"
Accept-Ranges: bytes
kiemthe1xua.com/css/font-awesome.css
103.90.226.73 200 OK 34 kB URL HTTP/1.1 kiemthe1xua.com/css/font-awesome.css
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type troff or preprocessor input, ASCII text, with very long lines (372), with CRLF line terminators
Hash f41972df29e3cfed4a340b9c21d6ba94
811432ad1e2d6c1f6da9a63fd919bf2a02b71dd9
d4230e4529ad80ac1e2779112749264647a4212edbe7511088dde28e92d8074b
GET /css/font-awesome.css HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: text/css
Content-Length: 34344
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:30:07 GMT
ETag: "8628-5c09c40270943"
Accept-Ranges: bytes
kiemthe1xua.com/js/download.js
103.90.226.73 200 OK 340 kB URL HTTP/1.1 kiemthe1xua.com/js/download.js
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with very long lines (65450), with CRLF line terminators
Size 340 kB (340036 bytes)
Hash 300e832db7c910673b694b43e5b47af4
a3519401b795c1795cece0a70567d8efc421a73a
8d2b0f76968fb0753d9792a2c5ec57c189752b4c03cfba4ccfed1593ae3540cb
Analyzer Verdict Alert fortinet Phishing
GET /js/download.js HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/taive/
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:41 GMT
Content-Type: application/javascript
Content-Length: 340036
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 08:29:19 GMT
ETag: "53044-5c09f979878e0"
Accept-Ranges: bytes
kiemthe1xua.com/css/uikit.min.css
103.90.226.73 200 OK 271 kB URL HTTP/1.1 kiemthe1xua.com/css/uikit.min.css
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 271 kB (270866 bytes)
Hash 7f6169cfe14417aa317b2350f8d05aaa
327f908e6b1c5df696fd24a825b152759c965d38
4acf3da084cc94290ba1d6b9a33ad8d88ee6c8b833a174bbe885fa7e7d3ec1de
GET /css/uikit.min.css HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:42 GMT
Content-Type: text/css
Content-Length: 270866
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:30:26 GMT
ETag: "42212-5c09c41501504"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kiemthe1xua.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 83915
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kiemthe1xua.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 83915
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
142.250.74.163 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Hash deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kiemthe1xua.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:35:18 GMT
expires: Thu, 07 Sep 2023 19:35:18 GMT
cache-control: public, max-age=31536000
age: 83845
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.163 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kiemthe1xua.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:35:48 GMT
expires: Thu, 07 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 83815
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
142.250.74.163 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data
Hash cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kiemthe1xua.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 21:32:38 GMT
expires: Thu, 07 Sep 2023 21:32:38 GMT
cache-control: public, max-age=31536000
age: 76805
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
142.250.74.163 200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kiemthe1xua.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:36:26 GMT
expires: Thu, 07 Sep 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 83777
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kiemthe1xua.com/images/download/taingay_3.png
103.90.226.73 200 OK 10 kB URL HTTP/1.1 kiemthe1xua.com/images/download/taingay_3.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 186 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash dd207f2b7aacfd127f99a035356e4282
df6522dbc64e7b1bf52ff163ca6da14f1d6d6f5e
79a1c21d075bf9d49a48fc9960a1a1cde29df26911a36546ebfc848c9548baba
GET /images/download/taingay_3.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 10450
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:19 GMT
ETag: "28d2-5c09c6bcdab2d"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/taingay_2.png
103.90.226.73 200 OK 10 kB URL HTTP/1.1 kiemthe1xua.com/images/download/taingay_2.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 186 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 17bd294a8a74e4aa9ad09cb59fd895dc
831341c0202ae4ae59e1f1cc0906936de0e5b43f
89357cfbe575782703bccfb8bfd410e38d7594bddf8a24741563833aa385d5b9
GET /images/download/taingay_2.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 10110
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:19 GMT
ETag: "277e-5c09c6bc515e6"
Accept-Ranges: bytes
kiemthe1xua.com/css/images/dl_dot_menu.png
103.90.226.73 200 OK 243 B URL HTTP/1.1 kiemthe1xua.com/css/images/dl_dot_menu.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e21cfc6c2d0259d74d7c3504941b525
429d2e5517b20d4ad31080ef4aa9d6b8df5e1fe4
cfe3c01669ab4033d8f51064682fa7c2504ea7a3b146e986dc732da25f2546b9
GET /css/images/dl_dot_menu.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 243
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:34:23 GMT
ETag: "f3-5c09c4f702f64"
Accept-Ranges: bytes
kiemthe1xua.com/css/SVN-AleoBold.woff2
103.90.226.73 200 OK 35 kB URL HTTP/1.1 kiemthe1xua.com/css/SVN-AleoBold.woff2
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type Web Open Font Format (Version 2), TrueType, length 34840, version 1.0\012- data
Hash c372b5e1fa2be3e63ba213dc9073138a
cc7d2d70bbff540534b36e16ba0b86b4bbdbfc2c
1084ab07918b49300c050a8723e412aa1a3168e89391702253a31cbf1a3dda46
Analyzer Verdict Alert fortinet Phishing
GET /css/SVN-AleoBold.woff2 HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/fonts.css
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: font/woff2
Content-Length: 34840
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:36:48 GMT
ETag: "8818-5c09c58173cfa"
Accept-Ranges: bytes
kiemthe1xua.com/images/logo22.png
103.90.226.73 200 OK 45 kB URL HTTP/1.1 kiemthe1xua.com/images/logo22.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 250 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash b669903996716e60c4fcdb8f0d7c8b19
adc26956e4110f77d40031b8ae6e3379d9980511
0b5893db2ccb2531f579fd360a002fb74714a872d7ef782559be099ba65e6eec
GET /images/logo22.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/taive/
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 45205
Connection: keep-alive
Last-Modified: Sat, 10 Apr 2021 19:43:18 GMT
ETag: "b095-5bfa37e00d2d4"
Accept-Ranges: bytes
kiemthe1xua.com/css/images/trang_tri.png
103.90.226.73 200 OK 50 kB URL HTTP/1.1 kiemthe1xua.com/css/images/trang_tri.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 315 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fe72c334081842a8e2c12e33e47b127
636c073eb86a36c676a6ec2acfad361c1b61acf1
ca90f326455e17daad56fd5902afea7de3288306a4b83854282571da87324fb7
GET /css/images/trang_tri.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:44 GMT
Content-Type: image/png
Content-Length: 49682
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:38:31 GMT
ETag: "c212-5c09c5e2fc2c7"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/dl_btn_dangky.png
103.90.226.73 200 OK 43 kB URL HTTP/1.1 kiemthe1xua.com/images/download/dl_btn_dangky.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 418 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 32d6ce45fb021a267241b51e34e711b6
f32618b672b5fc929d89f828ab5f31ec4878a749
d460435033d41934b6eef1982eba2d277a6d3cf481e1e10e1766f2baad890bdb
GET /images/download/dl_btn_dangky.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:44 GMT
Content-Type: image/png
Content-Length: 43367
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:11 GMT
ETag: "a967-5c09c6b4df946"
Accept-Ranges: bytes
kiemthe1xua.com/css/images/bg_page_download.jpg
103.90.226.73 200 OK 200 kB URL HTTP/1.1 kiemthe1xua.com/css/images/bg_page_download.jpg
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x2209, components 3\012- data
Size 200 kB (199866 bytes)
Hash 586cae7621c17a006f3ad2260da0b603
fdbd6550129cd74bf468f9bf3b17baaba48769c1
c73a11bac0dba37f83a5f87bebf8da890d2111aab631c5b1fb45bf221c761fc0
GET /css/images/bg_page_download.jpg HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/jpeg
Content-Length: 199866
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:34:33 GMT
ETag: "30cba-5c09c5008fed4"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/tit_phuong_thuc_tai.png
103.90.226.73 200 OK 16 kB URL HTTP/1.1 kiemthe1xua.com/images/download/tit_phuong_thuc_tai.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 518 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a38eccbc0259cfe510f341bd7d60b6e
48eb784228cbaf250d8c3439fdb8f249c276409c
70f66e4c549b45252b1b55c3834ffee4e5d8882c500ffdb6700af83d17f9b6f7
GET /images/download/tit_phuong_thuc_tai.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:44 GMT
Content-Type: image/png
Content-Length: 15720
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:18 GMT
ETag: "3d68-5c09c6bb4f8c4"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/dl_download_linkss.png
103.90.226.73 200 OK 360 kB URL HTTP/1.1 kiemthe1xua.com/images/download/dl_download_linkss.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 1151 x 359, 8-bit/color RGB, non-interlaced\012- data
Size 360 kB (359451 bytes)
Hash 801cc6c0b8b099b1b8440ea9ff7cebb7
4f3c0740425c2b907204fbaa4cfcd6da5c4fdb33
4d138a10079fbf7f34a74193b31d73eb157a96b9f7f66272725673dcb9468274
GET /images/download/dl_download_linkss.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 359451
Connection: keep-alive
Last-Modified: Thu, 12 Aug 2021 03:48:54 GMT
ETag: "57c1b-5c9549d27d4b0"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/dl_contact.png
103.90.226.73 200 OK 407 kB URL HTTP/1.1 kiemthe1xua.com/images/download/dl_contact.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 970 x 365, 8-bit/color RGBA, non-interlaced\012- data
Size 407 kB (406878 bytes)
Hash 2036179492ddbfe7983ddb527541196c
b53de6a658eb4f0390c5448c67676cd620d474ce
599e62d9feb506f8131a6e2702a828ba197f9aad1afdae29fbc6bd3270cdb064
GET /images/download/dl_contact.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 406878
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:32 GMT
ETag: "6355e-5c09c6c9123d0"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/taingay_1.png
103.90.226.73 200 OK 10 kB URL HTTP/1.1 kiemthe1xua.com/images/download/taingay_1.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 186 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 759480d014fce2ba9fa2a715b1297e32
7280586f363b09ceb685acc90b476c9f4dbbfd04
1bf82a719b2490ccdac5a364efb125ba7872fe1db82c7f0127eb8d466e7453a6
GET /images/download/taingay_1.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 10260
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:19 GMT
ETag: "2814-5c09c6bc5cce9"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/taingay_4.png
103.90.226.73 200 OK 10 kB URL HTTP/1.1 kiemthe1xua.com/images/download/taingay_4.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 186 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d02735afa6e6004facc01d26af058bf
3a58f03fc2e371035edb8e6e9688bac7eadb58f6
c0319a7400a6894f21220cf7a9af53040fe83ba30bd5d3173f67221dca3a62ed
GET /images/download/taingay_4.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 10388
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:19 GMT
ETag: "2894-5c09c6bce6236"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/dl_huong_dan.png
103.90.226.73 200 OK 193 kB URL HTTP/1.1 kiemthe1xua.com/images/download/dl_huong_dan.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 1152 x 275, 8-bit/color RGBA, non-interlaced\012- data
Size 193 kB (193010 bytes)
Hash feab01956a7b7aee47aec96a1c2fca94
746f06b4ffbc5a9baca8b57a5953d7767108b0c5
a7914c1a0969885b0d3003dedb661a2fe7aef34971dc188ff82c0425dcc52a1f
GET /images/download/dl_huong_dan.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:44 GMT
Content-Type: image/png
Content-Length: 193010
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 06:00:26 GMT
ETag: "2f1f2-5c09d832d187a"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/tit_video_huong_dan_chi_tiet.png
103.90.226.73 200 OK 16 kB URL HTTP/1.1 kiemthe1xua.com/images/download/tit_video_huong_dan_chi_tiet.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 566 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e801e6bccb7574b10858affdb06c616
4d78a42bb36eb78827a23482746de2ab8b0af675
60f9772669c12e80cc28c890f694698cfe9aa26d68dd0bd30529116f5e342943
GET /images/download/tit_video_huong_dan_chi_tiet.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 16430
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:20 GMT
ETag: "402e-5c09c6bd3de16"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/trang_tri_2.png
103.90.226.73 200 OK 22 kB URL HTTP/1.1 kiemthe1xua.com/images/download/trang_tri_2.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 126 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash ba3ddc294d0b9b0bb594d698d74442da
af22894b60eec8deb94bc86611e9471711608ca1
35fa1d36ac06e2908fb5bd21c05bd60ff8910486dbea702ee40c770407ce33be
GET /images/download/trang_tri_2.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 21608
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:20 GMT
ETag: "5468-5c09c6bd58941"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/demo_video.png
103.90.226.73 200 OK 22 kB URL HTTP/1.1 kiemthe1xua.com/images/download/demo_video.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 960 x 540, 8-bit/color RGBA, non-interlaced\012- data
Hash bbd4429b17c7513164c719c2c91cc59c
c13d4785d9b0d7f3b3aeabe4228cd08ee82ea90f
baa94c93ae11a067940bff55d963b1af4708df417cd2a0df81be4dbf66ae63dd
GET /images/download/demo_video.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 22136
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:20 GMT
ETag: "5678-5c09c6bd4d21c"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/dl_contact_btn_1.png
103.90.226.73 200 OK 20 kB URL HTTP/1.1 kiemthe1xua.com/images/download/dl_contact_btn_1.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 313 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 16c1a0a2a9cf42af253a480d7510d9f7
19af97a14127aa5de3fd109901f1a51d5dd3fe5d
3cba3434d368ac2a063f7c9e508a2ad4d83046687d388f63b4d4380f87719bc2
GET /images/download/dl_contact_btn_1.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 19765
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 05:54:05 GMT
ETag: "4d35-5c09d6c7abf8b"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/trang_tri_3.png
103.90.226.73 200 OK 88 kB URL HTTP/1.1 kiemthe1xua.com/images/download/trang_tri_3.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 462 x 595, 8-bit/color RGBA, non-interlaced\012- data
Hash 16ffea76023ccc73e94723dd3a71cae0
dece6d85ce2d2cf85a6f2322cc64ce3aaa98753a
0f8d1776099986569584586c6d3506f2bfe07dd1d9aee01403838c63856e3533
GET /images/download/trang_tri_3.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:45 GMT
Content-Type: image/png
Content-Length: 87928
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:21 GMT
ETag: "15778-5c09c6bea7750"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/huongdantaigamee.mp4
103.90.226.73 206 Partial Content 510 kB URL HTTP/1.1 kiemthe1xua.com/images/download/huongdantaigamee.mp4
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
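Size 510 kB (509724 bytes; this is the 206 response body for byte range 231112704-231622427 of a 231622428-byte file, so the hashes below presumably cover only that range and will not match the complete file)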
Hash 30fc2178ac64e32505c01b995908d54e
6356ad19b8d76103ebc1a7f21203f61dbb4aae35
6d92d9b40bbd78ee02a386adfe50ff9aacf5593993312cff7eb6cfb7a45c9790
Analyzer Verdict Alert fortinet Phishing
GET /images/download/huongdantaigamee.mp4 HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=231112704-
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:44 GMT
Content-Type: video/mp4
Content-Length: 509724
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 11:46:25 GMT
ETag: "dce471c-5c0a2587aff71"
Accept-Ranges: bytes
Content-Range: bytes 231112704-231622427/231622428
kiemthe1xua.com/images/download/dl_contact_btn_2.png
103.90.226.73 200 OK 23 kB URL HTTP/1.1 kiemthe1xua.com/images/download/dl_contact_btn_2.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 313 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b12b2b3783cc2792ea6debf3dee4024
523c366faa2723cc6f87ac29ac77dfabafea8937
107737ee2e1cd31f2d26876be85b17ac6a0333969fcefe14cbe5926be27815c1
GET /images/download/dl_contact_btn_2.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:46 GMT
Content-Type: image/png
Content-Length: 22834
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 05:55:33 GMT
ETag: "5932-5c09d71affa33"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/trang_tri_4.png
103.90.226.73 200 OK 412 kB URL HTTP/1.1 kiemthe1xua.com/images/download/trang_tri_4.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 1218 x 608, 8-bit/color RGBA, non-interlaced\012- data
Size 412 kB (412113 bytes)
Hash 6b3540f45c40fb3a4583a4b3e6767c46
f1c97b921a85ce764a75fe960bb041dffa683c3c
24743a95c2e7fcb9bd270b98f2ca2e40d4c510f416e709816a8836f18da9d064
GET /images/download/trang_tri_4.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/png
Content-Length: 412113
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 04:42:31 GMT
ETag: "649d1-5c09c6c89075c"
Accept-Ranges: bytes
kiemthe1xua.com/images/studio_logo.png
103.90.226.73 200 OK 498 kB URL HTTP/1.1 kiemthe1xua.com/images/studio_logo.png
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 3454 x 3107, 8-bit/color RGBA, non-interlaced\012- data
Size 498 kB (497577 bytes)
Hash a76eba40699986dcace8f20e7fe349e3
3c555bc75c593b4f894e6f10edab80fc2ada6d32
c81ce68563ddc93d1923cb6c1e9ecaedee00c24f0dab5de8c6fc2b14ca810b27
GET /images/studio_logo.png HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:46 GMT
Content-Type: image/png
Content-Length: 497577
Connection: keep-alive
Last-Modified: Sat, 10 Apr 2021 09:29:40 GMT
ETag: "797a9-5bf9aeb7b0dbb"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24e43bc53a0b047911cff00ad4b72320
f6ef30b5df0e634c3a3f607d751e738e55a276c9
7e1406b2101c912e72f37f0257128574079e618c1af83e360acb3f29b4d44d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8705
x-amzn-requestid: ccc5b695-35b5-49fd-b938-296a88a78ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFOiIAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-12e809c767cdbba61492187c;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iN3jcMCQ8paYD_O9gQLAswM-ITb0oY8CYmbnMDwpwS-7hPLis5TGSg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:03:47 GMT
age: 74942
etag: "f6ef30b5df0e634c3a3f607d751e738e55a276c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.zing.vn/products/njx/favicon.ico
113.164.15.82 200 OK 1.1 kB URL HTTP/1.1 img.zing.vn/products/njx/favicon.ico
IP 113.164.15.82:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d014a5bd6feb40e2bc0deed199e03824
cc6fb14121f4346b7c2db9d7a7d75b4f1aa795fc
91c2c2549020d5a11acfd89dc402bedd8b10a79fd4fdf18ffe3cc1ba97f15515
GET /products/njx/favicon.ico HTTP/1.1
Host: img.zing.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Sep 2022 18:52:49 GMT
Content-Type: image/x-icon
Content-Length: 1086
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 04:45:37 GMT
ETag: "5d942b71-43e"
Expires: Tue, 07 Mar 2023 18:52:49 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes
fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 18:52:42 GMT
date: Thu, 08 Sep 2022 18:52:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kiemthe1xua.com/css/images/bg_header_dls.jpg
103.90.226.73 200 OK 0 B URL HTTP/1.1 kiemthe1xua.com/css/images/bg_header_dls.jpg
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
GET /css/images/bg_header_dls.jpg HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kiemthe1xua.com/css/download.css?ver=1614151406
Cookie: PHPSESSID=7td9nmmgg35dsaeusa7pdvg55k
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:43 GMT
Content-Type: image/jpeg
Content-Length: 934119
Connection: keep-alive
Last-Modified: Thu, 12 Aug 2021 03:32:16 GMT
ETag: "e40e7-5c95461a23b7f"
Accept-Ranges: bytes
kiemthe1xua.com/images/download/huongdantaigamee.mp4
103.90.226.73 206 Partial Content 0 B URL HTTP/1.1 kiemthe1xua.com/images/download/huongdantaigamee.mp4
IP 103.90.226.73:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Phishing
GET /images/download/huongdantaigamee.mp4 HTTP/1.1
Host: kiemthe1xua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://kiemthe1xua.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.19.1
Date: Thu, 08 Sep 2022 18:52:44 GMT
Content-Type: video/mp4
Content-Length: 231622428
Connection: keep-alive
Last-Modified: Fri, 23 Apr 2021 11:46:25 GMT
ETag: "dce471c-5c0a2587aff71"
Accept-Ranges: bytes
Content-Range: bytes 0-231622427/231622428