r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55028e02d617be499f547453dfd58d50
99a19dd3723bc6c613fdf45a013e5cb5b39e447b
8c5c9231bed3272d5d286fc999e920f1befec2568bf6504cbf61ea57ea1c069b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C5C9231BED3272D5D286FC999E920F1BEFEC2568BF6504CBF61EA57EA1C069B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10032
Expires: Sun, 27 Nov 2022 14:42:58 GMT
Date: Sun, 27 Nov 2022 11:55:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9091
Expires: Sun, 27 Nov 2022 14:27:17 GMT
Date: Sun, 27 Nov 2022 11:55:46 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 44 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 97aa9b73781b797c5ad85b0065e2e137
ab6152f902e96539102199be8feed5b41615c8b7
53638a6d8a64bf7cb54f175bf629cfd26a741ee38de712f11990d5bcfa304ac6
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: heo0FomGzwXj_f0CkZ7B0OW7BlIqLxTAvRg7cLO3IyGNoCG231dOcQ==
content-encoding: gzip
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 11:49:05 GMT
content-type: application/json
content-length: 43931
age: 401
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8983
Expires: Sun, 27 Nov 2022 14:25:29 GMT
Date: Sun, 27 Nov 2022 11:55:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZCN0B6hw6Xs9j5QsNuE1FZJK6wgO1D16wr9GcZ3iURzR1TZPS1ynzw+yDh7PzoLJKIE3Zwv/XHI=
x-amz-request-id: RN851BDBK4F56BM1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 11:25:38 GMT
age: 1808
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5225
Cache-Control: max-age=86547
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:46 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:58:13 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 11:55:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 11:19:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2185
alt-svc: clear
X-Firefox-Spdy: h2
helios.vn/98jh6d5/89hg56fd.exe
112.213.86.143301 Moved Permanently 246 B URL HTTP/1.1 helios.vn/98jh6d5/89hg56fd.exe
IP 112.213.86.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0becde814664e620fd5ba5670b624109
d6ec1edd2bb53b0747002e3a143baa6da9ba2e50
5991f0df4e67752e3245b1ca06d5793827e893117aad2ed398f74011ef83d4a9
Analyzer Verdict Alert fortinet Malware
GET /98jh6d5/89hg56fd.exe HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 11:56:45 GMT
Server: Apache/2
Location: https://helios.vn/98jh6d5/89hg56fd.exe
Content-Length: 246
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2850bb12966619c732fd5de2f41d0962
0db8b6669ab7d2407d666e6c5452de8d4cd1d01b
11a4e8f54d1121fae4d958b65f085ff8b6944c05aeb8605aa11cbfd3f5cf0dde
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4417
Cache-Control: max-age=112383
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:47 GMT
Etag: "63825301-1d7"
Expires: Mon, 28 Nov 2022 19:08:50 GMT
Last-Modified: Sat, 26 Nov 2022 17:55:13 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sun, 27 Nov 2022 02:59:55 GMT
Age: 32152
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
35.82.2.166200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 35.82.2.166:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sun, 27 Nov 2022 11:55:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4330
Cache-Control: max-age=166995
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:47 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:19:02 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 11:11:12 GMT
cache-control: public,max-age=3600
age: 2675
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RaepyQ8K8x8iwSKFIaN4/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: M/nHJYhbhLAlDP9jYsZU3KIGccE=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669539434491%22
34.102.187.140200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221669539434491%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash 7e008998b08b0a6652fa2af7372a3d3f
099155f86e7529b35b8f2d6c42708a5bb7a9c60d
8eda5da64b97e51c0f09592143ba29f2a75c0058cd3a0ee29308080649796614
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221669539434491%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Sun, 27 Nov 2022 11:02:18 GMT
cache-control: public,max-age=3600
age: 3209
last-modified: Sun, 27 Nov 2022 08:57:14 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22
34.102.187.140200 OK 6.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (6593), with no line terminators
Hash 173414a662e4d0d6c29b893819284fcc
e7823586afc7d40c1ffd732e3f0f98d22f9cb6b6
28a589a49cbca81692eb7cc6bb2725f5d56b11238143a58c97f33260a81eb750
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6593
via: 1.1 google
date: Sun, 27 Nov 2022 11:18:39 GMT
cache-control: public,max-age=3600
age: 2228
last-modified: Mon, 21 Nov 2022 18:37:18 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: p8kDTHkUpUZvNsY3YCDKkdQQLM487LarxkSfKncCPRY5I5vrb6ft9stbylez5iXY8oF81grPph8=
x-amz-request-id: VFYQ4F9R1D91QDBN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 11:41:37 GMT
age: 850
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5bd3e1247f2f2b559d234cd2dcc1c558
d0fbd136de948aee49113b8e721f02016e69b92f
b101a393f2f29ab804c2fe40742ba0f0b625e334e8a6038850a19b1ad65e7a2c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 11:55:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:43:15 GMT
Expires: Fri, 02 Dec 2022 07:43:14 GMT
Etag: "d0fbd136de948aee49113b8e721f02016e69b92f"
Cache-Control: max-age=416246,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770aad466ee9b4ee-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22
34.102.187.140200 OK 51 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (51208), with no line terminators
Hash 21b6a1c29930dd71addd901f726cce7d
fb0e9b091e6f6f41bbf72a4857653745b9f7ddba
7f75908497bee301b1803d7ec5a6ca5301de05da4c89832be9ab6e4f5e4884df
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51208
via: 1.1 google
date: Sun, 27 Nov 2022 11:53:06 GMT
cache-control: public,max-age=3600
age: 162
last-modified: Fri, 25 Nov 2022 15:35:57 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22
34.102.187.140200 OK 27 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22
IP 34.102.187.140:0
File type ASCII text, with very long lines (27155), with no line terminators
Hash ac619cf3864a0cc124ef2d8917355b2c
e7deb60297e8951331382468d8ad9b1804e51139
5c5aad45a1d663bbb00d9021e9920bfa636f15fd04fbf35fd58bffc22ef865aa
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 27155
via: 1.1 google
date: Sun, 27 Nov 2022 11:31:47 GMT
cache-control: public,max-age=3600
age: 1441
last-modified: Thu, 24 Nov 2022 18:46:35 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
34.102.187.140200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 673c0c8594251318f6ddab69439200f0
dfdfdbaa6ea4d5e1f2b58917573fa74c84b73f96
26808cb3b91051a2e383451dad0b069836788756c6a97faba58fc23d11a88477
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Sun, 27 Nov 2022 11:08:09 GMT
cache-control: public,max-age=3600
age: 2859
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22
34.102.187.140200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1482), with no line terminators
Hash 151df207a4786253007ead8264c7a9fe
ef39481d3f610c25b27836fb375e24ac0f3c6b47
352e05fd634451861f76ed1790e01b4f9f8d8fe3993464263f846ada17eb343e
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1482
via: 1.1 google
date: Sun, 27 Nov 2022 11:51:33 GMT
cache-control: public,max-age=3600
age: 255
last-modified: Wed, 16 Nov 2022 14:02:20 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
34.102.187.140200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash eaee4fcc2a30b5cb65768e7228765063
a618faa6e4c7c412584de1dbc760a8067e32b7d7
20565fc5642a0bc063da8706ee310dd2512ee2a096a39976c34056a13a2bc2f6
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Sun, 27 Nov 2022 11:11:53 GMT
cache-control: public,max-age=3600
last-modified: Sun, 20 Nov 2022 16:36:52 GMT
etag: "1668962212585"
content-type: application/json
age: 2635
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
34.102.187.140200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 202f8030219491c4a368c475aaa98861
b3f7120107465db6e1eb7a21efb451253a30e31e
379786244e20b5c0d5ed80b9f3c03e9a964615c7df36764c9d96528290754de4
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Sun, 27 Nov 2022 11:31:08 GMT
cache-control: public,max-age=3600
age: 1480
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 50648
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:52:26 GMT
age: 50603
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 50652
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c135ab961de12d926b94f9abae8adbe
139f48ea60880efc6d2977f4d3141809f22adfef
1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2944
x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWXXEjJIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:04:40 GMT
age: 49869
etag: "139f48ea60880efc6d2977f4d3141809f22adfef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 50648
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c52c26038ed572c870cf2119865907b1
b298107232e837ccf8d853e6d2c91f67e74dc2ba
d95471f66cf6404bfb5400c4c707fbb81bcaf4be1518313d3f513c9b2a3da1fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8335
x-amzn-requestid: 265466c8-029d-4738-bdbe-be0a161fb497
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOeD0GwYIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638276e5-1c8225cf00057ce0047f74ba;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 20:28:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TK_kNT9Vcv_lNMbiTqXxAYXCko2Gy64Oy9MGXwuBu9S_3DdqIc67Nw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:54:52 GMT
age: 50457
etag: "b298107232e837ccf8d853e6d2c91f67e74dc2ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-217402381-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-217402381-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash a746c6a3dc44dee231838066297dc0af
cf93bc790566ba65d8e4aa11314048a5837bf7b2
e0087f6a8cf30abae548923c5a94707db6794546444d96ab81afdd16a83a6fee
GET /gtag/js?id=UA-217402381-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 11:55:49 GMT
expires: Sun, 27 Nov 2022 11:55:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
helios.vn/assets/css/style.css?v=1653965503
112.213.86.143200 OK 12 kB URL HTTP/2 helios.vn/assets/css/style.css?v=1653965503
IP 112.213.86.143:0
Hash 013399045c38c96ed52efd9366a6a1ac
cbb0a422786da354dbba756427105b18c49c6ef6
481afd6bc92980d6bcefb08fd7b7c29cdf8dc9cdcfb32168da2061d56e344fce
Analyzer Verdict Alert fortinet Malware
GET /assets/css/style.css?v=1653965503 HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Tue, 31 May 2022 02:51:43 GMT
etag: "10fe6-5e045da514e00-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11549
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
helios.vn/assets/css/all.css
112.213.86.143200 OK 22 kB URL HTTP/2 helios.vn/assets/css/all.css
IP 112.213.86.143:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash 2e9866bbeede6771a6939e7355962921
183718f00ab7bf237495fe8ee6d52ddb73dfd6e3
ad9bf608a2686bcf6865f4d01b406c8c537569b9c6c42335e10c83e320274edc
GET /assets/css/all.css HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:41:14 GMT
etag: "28bb3-5d41caae47c46-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22232
content-type: text/css
X-Firefox-Spdy: h2
helios.vn/assets/plugins/nice-select/nice-select.css
112.213.86.143200 OK 1.1 kB URL HTTP/2 helios.vn/assets/plugins/nice-select/nice-select.css
IP 112.213.86.143:0
Hash d1d7efa19b769d2b6da55df37cebb29b
03b22939665eb62dbd1623d4eeffcd59381c66a3
0a3645773ac0ba2b3c8e31b51d9d00bafccfd56e55fff325d8c6f391506d0a9c
GET /assets/plugins/nice-select/nice-select.css HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:42:50 GMT
etag: "fa7-5d41cb099879e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1057
content-type: text/css
X-Firefox-Spdy: h2
helios.vn/assets/css/cart.css
112.213.86.143200 OK 2.4 kB URL HTTP/2 helios.vn/assets/css/cart.css
IP 112.213.86.143:0
Hash e9e26634e96eca38f17c1bb62b376a99
a9e952c860ba0d5d76962fb9eae38a0e339b9f98
83f8b85962243787c52c70ef6b7179b263e8989134cb7e5da083d9c2074ab7f2
GET /assets/css/cart.css HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:41:15 GMT
etag: "286c-5d41caae756be-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2448
content-type: text/css
X-Firefox-Spdy: h2
helios.vn/assets/plugins/jquery-confirm/jquery-confirm.css
112.213.86.143200 OK 3.6 kB URL HTTP/2 helios.vn/assets/plugins/jquery-confirm/jquery-confirm.css
IP 112.213.86.143:0
Hash bc7256289c2f82d17db5bed3269d9e0c
e4fc8fe9608dddd20a0997db9bfa276fb70b0dd6
ce796e98a858b65043645bc4743d06823d2e8b2043accbe436859b8a06aad3c2
GET /assets/plugins/jquery-confirm/jquery-confirm.css HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:42:50 GMT
etag: "6b88-5d41cb091908e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3637
content-type: text/css
X-Firefox-Spdy: h2
helios.vn/assets/css/reset.css
112.213.86.143200 OK 5.2 kB URL HTTP/2 helios.vn/assets/css/reset.css
IP 112.213.86.143:0
Hash add3e0eacdc0dc05fc84f12b22326872
a7dc6fbc2a6734fe9e9fb7906f40ca9a49dc8ea6
33b2db037d79d6e1c4ff1c0a571a5c4caaf3b8ef7107e041fbcd1ab322942acd
GET /assets/css/reset.css HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Tue, 04 Jan 2022 04:03:55 GMT
etag: "768e-5d4b9b9d1dfc6-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5184
content-type: text/css
X-Firefox-Spdy: h2
helios.vn/assets/plugins/font-awesome/css/font-awesome.min.css
112.213.86.143200 OK 6.7 kB URL HTTP/2 helios.vn/assets/plugins/font-awesome/css/font-awesome.min.css
IP 112.213.86.143:0
File type ASCII text, with very long lines (28900)
Hash dba3feaa47e3ecdb2f96f5656fe27181
1fcdfd2b58707906fb08ed785baeffff9cdbed99
6b7ecb3eae1f96a2f6cf134685d44732de45f94af7aa645346284a9a617e0e8b
GET /assets/plugins/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:43:07 GMT
etag: "7188-5d41cb19ce60e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6664
content-type: text/css
X-Firefox-Spdy: h2
helios.vn/assets/images/ic-search1.png
112.213.86.143200 OK 1.4 kB URL HTTP/2 helios.vn/assets/images/ic-search1.png
IP 112.213.86.143:0
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash d20946fe682a8ac4844dec667ced4186
f88f396150d8ad41c0dba0aa49c4fc11c10c50b1
7fcd70312abc8b06fffc759047202fe26b50551df81a3018dedb614f02fc1920
GET /assets/images/ic-search1.png HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:41:25 GMT
etag: "56a-5d41cab8995e6"
accept-ranges: bytes
content-length: 1386
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/png
X-Firefox-Spdy: h2
helios.vn/thumbs/115x115x1/upload/hinhanh/1588-5746.png
112.213.86.143200 OK 2.9 kB URL HTTP/2 helios.vn/thumbs/115x115x1/upload/hinhanh/1588-5746.png
IP 112.213.86.143:0
File type PNG image data, 115 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash df5ec8fd954c706552640bcf0f737e0a
5d2259f00697e9a323f65ac36c21e00978cf24da
258b47c1a139c29eeaaf13f7526dd45f1069b70087b94cea80570899dce196a8
GET /thumbs/115x115x1/upload/hinhanh/1588-5746.png HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 02:54:00 GMT
etag: "b35-5ee56c00c4120"
accept-ranges: bytes
content-length: 2869
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/png
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk0AotcqA.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk0AotcqA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7876, version 1.0\012- data
Hash 1a2bdc86702f56a4e416c28f82a7e711
d016a1922e74431bfb8ae6e5c59a6688f9b829e0
529003f887faa01f4eb94921bae9abdbcea2849becd0f42600726f17b9fb6f4a
GET /s/mulish/v12/1Ptvg83HX_SGhgqk0AotcqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helios.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7876
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:34:33 GMT
expires: Wed, 22 Nov 2023 20:34:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:08:15 GMT
content-type: font/woff2
age: 400877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
216.58.207.195200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Hash e6d08c334958c128b793b570a7dce066
081111500e97a7663ff936f847e050fee6b8be2b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helios.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:13:04 GMT
expires: Wed, 22 Nov 2023 01:13:04 GMT
cache-control: public, max-age=31536000
age: 470566
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk0QotcqA.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk0QotcqA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24316, version 1.0\012- data
Hash 318a2ae8b82183cd78b947d0042c7e10
f690c11fe3c8ff360672da95dcfaf0073a8fdc37
2bde8ca32e52ee96dc3d6ddd52240b115f3a2ca527c7697899aa21ed9cba3a5b
GET /s/mulish/v12/1Ptvg83HX_SGhgqk0QotcqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helios.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 15:36:23 GMT
expires: Sat, 25 Nov 2023 15:36:23 GMT
cache-control: public, max-age=31536000
age: 159567
last-modified: Mon, 11 Jul 2022 19:02:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
helios.vn/thumbs/500x500x1/upload/baiviet/4-1837.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/4-1837.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/4-1837.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:03 GMT
etag: "2bc83-5ee6023835d20"
accept-ranges: bytes
content-length: 179331
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/1-3520.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/1-3520.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/1-3520.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 10:46:46 GMT
etag: "2ada3-5ee7178a969c8"
accept-ranges: bytes
content-length: 175523
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/600x600x1/upload/baiviet/saptrangsuchelios-4816.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/600x600x1/upload/baiviet/saptrangsuchelios-4816.jpg
IP 112.213.86.143:0
GET /thumbs/600x600x1/upload/baiviet/saptrangsuchelios-4816.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 10:06:19 GMT
etag: "2e6db-5ee48ac5394c0"
accept-ranges: bytes
content-length: 190171
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-3598.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-3598.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-3598.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:09 GMT
etag: "1b624-5ee6023dad7a8"
accept-ranges: bytes
content-length: 112164
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-2688.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-2688.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-2688.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:51 GMT
etag: "116a4-5ee3fdd924fa8"
accept-ranges: bytes
content-length: 71332
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/380x380x1/upload/baiviet/ge180979web4189-7969.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/380x380x1/upload/baiviet/ge180979web4189-7969.jpg
IP 112.213.86.143:0
GET /thumbs/380x380x1/upload/baiviet/ge180979web4189-7969.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:18:07 GMT
etag: "c270-5ee556922a008"
accept-ranges: bytes
content-length: 49776
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/2-2833.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/2-2833.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/2-2833.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:02 GMT
etag: "1e89d-5ee6023753038"
accept-ranges: bytes
content-length: 125085
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/600x600x1/upload/baiviet/sanphamhoanthanhhelios-4488.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/600x600x1/upload/baiviet/sanphamhoanthanhhelios-4488.jpg
IP 112.213.86.143:0
GET /thumbs/600x600x1/upload/baiviet/sanphamhoanthanhhelios-4488.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:12 GMT
etag: "2e46c-5ee6024087370"
accept-ranges: bytes
content-length: 189548
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/3-4392.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/3-4392.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/3-4392.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:04 GMT
etag: "2e11c-5ee602392e5b0"
accept-ranges: bytes
content-length: 188700
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/600x600x1/upload/baiviet/datdagiaconghelios-9527.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/600x600x1/upload/baiviet/datdagiaconghelios-9527.jpg
IP 112.213.86.143:0
GET /thumbs/600x600x1/upload/baiviet/datdagiaconghelios-9527.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 07:25:45 GMT
etag: "3d249-5ee466e13bcf0"
accept-ranges: bytes
content-length: 250441
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/1-3880.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/1-3880.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/1-3880.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:06 GMT
etag: "1d1d1-5ee6023b083b8"
accept-ranges: bytes
content-length: 119249
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/1-5243.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/1-5243.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/1-5243.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:05 GMT
etag: "1ebed-5ee6023a16888"
accept-ranges: bytes
content-length: 125933
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/5-8950.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/5-8950.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/5-8950.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:08 GMT
etag: "1e3f8-5ee6023ccc230"
accept-ranges: bytes
content-length: 123896
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/2-165.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/2-165.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/2-165.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 08:21:13 GMT
etag: "146fd-5ee5b524ddb30"
accept-ranges: bytes
content-length: 83709
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/r124977sa3-9006.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/r124977sa3-9006.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/r124977sa3-9006.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:18:44 GMT
etag: "13de0-5ee556b6446f0"
accept-ranges: bytes
content-length: 81376
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/r136837sa3-8625.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/r136837sa3-8625.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/r136837sa3-8625.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 02:55:30 GMT
etag: "151c0-5ee56c56c4ea8"
accept-ranges: bytes
content-length: 86464
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-8207.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-8207.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-8207.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:07 GMT
etag: "1c799-5ee6023bf21e8"
accept-ranges: bytes
content-length: 116633
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/img64412-6151.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/img64412-6151.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/img64412-6151.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:40 GMT
etag: "1bdb0-5ee7032e032d8"
accept-ranges: bytes
content-length: 114096
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-6316.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-6316.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-6316.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:19 GMT
etag: "1c1af-5ee60247b8090"
accept-ranges: bytes
content-length: 115119
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-9712.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-9712.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-9712.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:22 GMT
etag: "153b7-5ee6024a6ce80"
accept-ranges: bytes
content-length: 86967
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/pearshapedgarnetweddingsetnaturalgarnetshapedbandbridalringset18kwhitegoldredgarnetengagementringsettwopieces1471053-9548.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/pearshapedgarnetweddingsetnaturalgarnetshapedbandbridalringset18kwhitegoldredgarnetengagementringsettwopieces1471053-9548.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/pearshapedgarnetweddingsetnaturalgarnetshapedbandbridalringset18kwhitegoldredgarnetengagementringsettwopieces1471053-9548.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 11:56:20 GMT
etag: "1aa39-5ee727178cd50"
accept-ranges: bytes
content-length: 109113
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/380x380x1/upload/baiviet/untitleddesign145690-9293.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/380x380x1/upload/baiviet/untitleddesign145690-9293.jpg
IP 112.213.86.143:0
GET /thumbs/380x380x1/upload/baiviet/untitleddesign145690-9293.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:01 GMT
etag: "1e9b0-5ee6023661120"
accept-ranges: bytes
content-length: 125360
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/5-9354.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/5-9354.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/5-9354.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:14 GMT
etag: "1dcfb-5ee6024257538"
accept-ranges: bytes
content-length: 122107
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-8577.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-8577.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-8577.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:20:59 GMT
etag: "1b327-5ee557369c640"
accept-ranges: bytes
content-length: 111399
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-9703.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-9703.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-9703.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:36:03 GMT
etag: "1908c-5ee3fde516988"
accept-ranges: bytes
content-length: 102540
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/98jh6d5/89hg56fd.exe
112.213.86.143404 Not Found 0 B URL HTTP/2 helios.vn/98jh6d5/89hg56fd.exe
IP 112.213.86.143:0
Analyzer Verdict Alert fortinet Malware
GET /98jh6d5/89hg56fd.exe HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 11:56:47 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=604800, private, proxy-revalidate
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/5-1122.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/5-1122.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/5-1122.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 07:26:10 GMT
etag: "28969-5ee466f96bb40"
accept-ranges: bytes
content-length: 166249
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-7965.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-7965.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-7965.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:15 GMT
etag: "29263-5ee60243451e8"
accept-ranges: bytes
content-length: 168547
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-9989.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-9989.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-9989.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 11:56:13 GMT
etag: "20b4d-5ee7271041668"
accept-ranges: bytes
content-length: 133965
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/800x0-9276.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/800x0-9276.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/800x0-9276.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:46 GMT
etag: "16ed3-5ee7033317788"
accept-ranges: bytes
content-length: 93907
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 11:55:49 GMT
date: Sun, 27 Nov 2022 11:55:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/2-1275.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/2-1275.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/2-1275.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 08:21:11 GMT
etag: "2468e-5ee5b522f23e8"
accept-ranges: bytes
content-length: 149134
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/limitedtimesale110caratpeachpinkmorganiteprincesscutmorganiteanddiamondengagementringin10krosegold-4124.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/limitedtimesale110caratpeachpinkmorganiteprincesscutmorganiteanddiamondengagementringin10krosegold-4124.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/limitedtimesale110caratpeachpinkmorganiteprincesscutmorganiteanddiamondengagementringin10krosegold-4124.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:34 GMT
etag: "2e957-5ee3fdc8d85f0"
accept-ranges: bytes
content-length: 190807
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/600x600x1/upload/baiviet/phacthaotrangsuchelios-7900.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/600x600x1/upload/baiviet/phacthaotrangsuchelios-7900.jpg
IP 112.213.86.143:0
GET /thumbs/600x600x1/upload/baiviet/phacthaotrangsuchelios-7900.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:16 GMT
etag: "22891-5ee3fdb830f18"
accept-ranges: bytes
content-length: 141457
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-7555.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-7555.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-7555.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:36:39 GMT
etag: "261e8-5ee3fe06fd100"
accept-ranges: bytes
content-length: 156136
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/artemerartemeraquamarineringwithdiamondfrill-489.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/artemerartemeraquamarineringwithdiamondfrill-489.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/artemerartemeraquamarineringwithdiamondfrill-489.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 10:46:45 GMT
etag: "19919-5ee717896c840"
accept-ranges: bytes
content-length: 104729
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/2-8245.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/2-8245.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/2-8245.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:10 GMT
etag: "1cacd-5ee6023e9c3f8"
accept-ranges: bytes
content-length: 117453
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/1-1609.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/1-1609.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/1-1609.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:39 GMT
etag: "19d13-5ee7032d286d8"
accept-ranges: bytes
content-length: 105747
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/2-80.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/2-80.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/2-80.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 07:28:02 GMT
etag: "d624-5ee5a9414b670"
accept-ranges: bytes
content-length: 54820
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-866.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-866.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-866.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:13 GMT
etag: "13c0d-5ee602416c768"
accept-ranges: bytes
content-length: 80909
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-1669.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-1669.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-1669.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:20 GMT
etag: "1e347-5ee60248a3630"
accept-ranges: bytes
content-length: 123719
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/4-2737.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/4-2737.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/4-2737.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:38 GMT
etag: "190d9-5ee7032c367c0"
accept-ranges: bytes
content-length: 102617
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/3-407.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/3-407.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/3-407.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 11:21:43 GMT
etag: "2059b-5ee49b9f58178"
accept-ranges: bytes
content-length: 132507
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/1-7476.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/1-7476.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/1-7476.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 11:56:19 GMT
etag: "2c1d5-5ee7271642828"
accept-ranges: bytes
content-length: 180693
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/380x380x1/upload/baiviet/enginakyurt4iofzrbw6beunsplash3129-5893.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/380x380x1/upload/baiviet/enginakyurt4iofzrbw6beunsplash3129-5893.jpg
IP 112.213.86.143:0
GET /thumbs/380x380x1/upload/baiviet/enginakyurt4iofzrbw6beunsplash3129-5893.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 07:25:44 GMT
etag: "1c7ed-5ee466e025fa0"
accept-ranges: bytes
content-length: 116717
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/380x380x1/upload/baiviet/ntav21060502h18756-5518.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/380x380x1/upload/baiviet/ntav21060502h18756-5518.jpg
IP 112.213.86.143:0
GET /thumbs/380x380x1/upload/baiviet/ntav21060502h18756-5518.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 13:34:51 GMT
etag: "183e6-5ee4b961110e0"
accept-ranges: bytes
content-length: 99302
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/5-8104.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/5-8104.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/5-8104.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:50 GMT
etag: "213dd-5ee3fdd8639e8"
accept-ranges: bytes
content-length: 136157
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-6452.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/il794xn-6452.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/il794xn-6452.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:11 GMT
etag: "17e8e-5ee6023f8df28"
accept-ranges: bytes
content-length: 97934
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/380x380x1/upload/baiviet/pexelssaystraight27359818464-3365.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/380x380x1/upload/baiviet/pexelssaystraight27359818464-3365.jpg
IP 112.213.86.143:0
GET /thumbs/380x380x1/upload/baiviet/pexelssaystraight27359818464-3365.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:34:41 GMT
etag: "16643-5ee55a4647498"
accept-ranges: bytes
content-length: 91715
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/4-7654.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/4-7654.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/4-7654.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 07:27:57 GMT
etag: "10775-5ee5a93c634c8"
accept-ranges: bytes
content-length: 67445
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/fb-copy-7483.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/fb-copy-7483.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/fb-copy-7483.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 11:21:42 GMT
etag: "cb0a-5ee49b9e37848"
accept-ranges: bytes
content-length: 51978
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/r136667sa3-4735.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/r136667sa3-4735.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/r136667sa3-4735.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 08:21:12 GMT
etag: "12ba6-5ee5b523f73b0"
accept-ranges: bytes
content-length: 76710
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
helios.vn/thumbs/500x500x1/upload/baiviet/fb-copy-6-1617.jpg
112.213.86.143200 OK 0 B URL HTTP/2 helios.vn/thumbs/500x500x1/upload/baiviet/fb-copy-6-1617.jpg
IP 112.213.86.143:0
GET /thumbs/500x500x1/upload/baiviet/fb-copy-6-1617.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 10:46:44 GMT
etag: "1bd14-5ee717885ebd8"
accept-ranges: bytes
content-length: 113940
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2